Privileged Account Manager 3.7 Patch Update 1 Release Notes

June 2020

Privileged Account Manager 3.7 P1 resolves several previous issues and contains improvements to existing features.

Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback in the Privileged Account Manager Community Support Forum, our online community that also includes product information, blogs, and links to helpful resources.

The documentation for this product is available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click the comment icon on any page in the HTML version of the documentation posted at the Privileged Account Manager Documentation website. To download this product, see the Micro Focus Downloads website.

1.0 Software Fixes

Privileged Account Manager 3.7 P1 includes software fixes that resolve the following issues:

Component

Bug ID

Issue

Administration Console

1157521

The Session Capture functionality does not capture the complete audit session. This issue occurs when you capture the session using the PuTTY SSH client or the Google Chrome browser.

1153781

The Credential Vault does not display the resources in the individual vault after an upgrade.

Command Control Agent

1171797

While auditing file transfers from a non-agent server to an agent server, the contents of the files are captured during the audit. This issue occurs when you use cpcksh or rsync shells to perform the file transfers.

1154123

While auditing file transfers from a non-agent server to an agent server, the contents of the files are captured during the audit. This issue occurs when you use cpcksh or scp shells to perform the file transfers.

Database Monitoring

1162048

During Database monitoring, the client connection fails when the Windows firewall of the workstation is enabled.

1162959

When Privileged Account Manager is used as a database connector to the Oracle database, the dbrunUser attribute in the reporting module returns User and Run As with the same value.

1163420

The database audit connection to the target Oracle server fails while using the SQL*Plus command-line utility.

User Console

1141112

When using password filter using regular expression to set the password correctly, password masking fails in Google Chrome Browser.

1163348

While using Credential Checkout, the email ID of the user does not auto-populate. The user has to specify the email ID every time the user logs out.

SSH Relay

1162034

Using SSH Relay after integrating Privileged Account Manager with Advanced Authentication, displays the domain name along with the username.

1166721

When Privileged Account Manager is registered with Solaris 11.3 agent. This issue occurs when you use usrun pcksh functionality to capture audits.

1164087

During Submit User implementation the password is clearly portrayed, although the user details are not present in the Credential Vault.

1165062

Windows Secure Copy (WinSCP) client configuration using SSH File Transfer Protocol fails.

REST API

1163349

REST API checkout requests that do not contain the email ID parameter fails.

1163390

REST, AUTH, and Login POST API calls for cookie authentication returns with invalid http result code on successful logins.

2.0 Security Vulnerability Fixes

Privileged Account Manager 3.7 P1 fixes the following two potentially vulnerable security issues:

  • Potential information disclosure during the REST API request. (CVE-2020-11846)

  • Privilege escalation vulnerability. (CVE-2020-11847)

3.0 Additions to Documentation

You can disable sticky keys and keyboard shortcuts to launch Task Manager in remote Application SSO sessions. The following topic has been added to the Privileged Account Manager documentation.

4.0 System Requirements

For information about hardware requirements, supported operating systems and browsers, see Privileged Account Manager 3.7 System Requirements and Sizing Guidelines.

5.0 Upgrading Privileged Account Manager

You can upgrade to Privileged Account Manager 3.7.0.1 from Privileged Account Manager 3.7 or later. When you upgrade Privileged Account Manager to version 3.7, a rollback of packages to version 3.6 or an earlier version is not supported.

For information about upgrading to Privileged Account Manager 3.7 P1, see Upgrading Privileged Account Manager in the Privileged Account Manager Installation Guide.

6.0 Updated Modules

This version of Privileged Account Manager 3.7 P1 updates the following modules:

  • Registry Client for registering and location framework services. <regclnt>

  • Remote execution for the command control agent <rexec>

  • Administration interface <admin>

  • Framework package <spf>

  • Provides secure management for privileged credentials <prvcrdvlt>

  • Command control console module <cmdctrl>

  • Access Manager <auth>

  • Agent Console <server>

  • Database Monitoring Manager <dbaudit>

  • RADIUS Agent <radiusagnt>

  • Registry Manager <registry>

  • SSH Relay Agent <sshrelay>

7.0 Known Issues

Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in the Privileged Account Manager 3.7 Release Notes. If you need further assistance with any issue, please contact Technical Support.

8.0 Contacting Micro Focus

For specific product issues, contact Micro Focus Support at https://www.microfocus.com/support-and-services/.

Additional technical information or advice is available from several sources: