Access Manager 4.2 Service Pack 4 Release Notes

1.0 What’s New?

This release includes the following:

1.1 Operating System Upgrade

In addition to the existing supported platforms, this release supports RHEL 6.9.

1.2 Updates for Dependent Components

This release adds support for the following dependent components:

  • eDirectory

  • Java 1.8.0_131

  • Tomcat 8.0.43

  • iManager (20170428_1848)

NOTE:This release of Access Manager by default supports Tomcat 8.0.43 and OpenSSL 1.0.2k, but Administration Console uses Tomcat version 7.0.68 due to dependency on iManager.

1.3 Fixed Issues

This following issue is fixed in this release:

The OAuth GET Requests Return HTTP 401 Error

In some environments UserInfo Endpoint returns HTTP 401 Unauthorized when using valid tokens. [Bug 1038999]

Requesting An OAuth Scope Containing Java Script Can Cause XSS Attack

Java scripts and HTML tags are allowed in OAuth scope description. When scopes containing Java script are requested, XSS attack can occur (CVE-2017-7419).

For more information about this issue, see TID 7019893.

2.0 Supported Upgrade Paths

To upgrade to Access Manager 4.2.4, you must be on any one of the following Access Manager versions:

  • 4.2 Service Pack 3 Hotfix 1

  • 4.2 Service Pack 3

  • 4.2 Service Pack 2

3.0 Installing or Upgrading Access Manager

After purchasing Access Manager 4.2.4, log in to the NetIQ Downloads page and follow the link that allows you to download the software. The following files are available:

Table 1 Files Available for Access Manager 4.2.4




Contains Identity Server and Administration Console for Linux.


Contains Identity Server and Administration Console for Windows Server.


Contains Access Gateway Appliance iso.


Contains Access Gateway Appliance tar file.


Contains Access Gateway Service for Windows Server.


Contains Access Gateway Service tar file.

For more information about installing and upgrading, see the NetIQ Access Manager 4.2 Installation and Upgrade Guide.

4.0 Verifying Version Numbers After Upgrading to 4.2.4

After upgrading to Access Manager 4.2.4, verify that the version number of the component is indicated as To verify the version number, perform the following steps:

  1. In Administration Console Dashboard, click Troubleshooting > Version.

  2. Verify that the Version field displays

5.0 Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in Access Manager 4.2 Service Pack 3 Release Notes. If you need further assistance with any issue, please contact Technical Support.

6.0 Contact Information

Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email We value your input and look forward to hearing from you.

For detailed contact information, see the Support Contact Information website.

For general corporate and product information, see the NetIQ Corporate website.

For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.

7.0 Legal Notice

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see

Copyright © 2017 NetIQ Corporation, a Micro Focus company. All Rights Reserved.