NetIQ Identity Manager Identity Applications 4.8 Service Pack 1 HotFix 1 Release Notes

July 2020

This document outlines how you can apply this hotfix. This hotfix addresses CVE-2020-11849, an information exposure that can result in elevation of privilege or unauthorized access. Special thanks go to Mark van Reijn of IDFocus for finding this issue and responsibly disclosing it to us.

1.0 Upgrading to Identity Applications 4.8.1 Hotfix 1

You must be on Identity Manager 4.8.1 at a minimum to apply this hotfix.

IMPORTANT: In a cluster setup, ensure that you install the hotfix on each node of the Identity Applications cluster.

1.1 Upgrading to Identity Applications 4.8.1 Hotfix 1 on Linux

  1. Stop the Tomcat service running on your Identity Applications server by running the following command:

    systemctl stop netiq-tomcat.service

  2. Back up the IDMProv.war file from the /opt/netiq/idm/apps/tomcat/webapps directory.

  3. Download and extract the IDM48-APPS-SP1_HF1.zip file from the NetIQ Download site.

  4. Delete the following from the /opt/netiq/idm/apps/tomcat/webapps directory.

    • IDMProv.war

    • IDMProv directory

  5. Locate the IDMProv.war file in the extracted file and copy it to the /opt/netiq/idm/apps/tomcat/webapps directory.

  6. Run the following commands to set execute permissions and ownership on the replaced WAR file:

    • chmod +x IDMProv.war

    • chown -R novlua:novlua IDMProv.war

  7. Delete all the directories and files from the /opt/netiq/idm/apps/tomcat/temp and /opt/netiq/idm/apps/tomcat/work directories.

  8. Start the Tomcat service on your Identity Applications server by running the following command:

    systemctl start netiq-tomcat.service
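
The following shell functions are an added example, not part of the NetIQ release notes: they carry out steps 2 and 4 through 7 above and then check the result before Tomcat is started again. The function names, their argument order, the OWNER override and the rule that the backup directory must sit outside webapps are assumptions of this example.

```shell
#!/bin/sh
# Added example, not NetIQ code. Covers steps 2 and 4-7 of section 1.1.
# Assumed names: both functions, their argument order, and the OWNER override.
# Run between "systemctl stop netiq-tomcat.service" and the matching start.

# usage: verify_idmprov_hotfix <tomcat_home> <hotfix_war>
verify_idmprov_hotfix() (
    cmp -s "$2" "$1/webapps/IDMProv.war" ||
        { echo "deployed IDMProv.war differs from the hotfix WAR" >&2; return 1; }
    # Tomcat re-creates the exploded directory on start; before that it must be gone.
    [ ! -e "$1/webapps/IDMProv" ] ||
        { echo "old exploded IDMProv directory still present" >&2; return 1; }
    for d in "$1/temp" "$1/work"; do
        [ ! -d "$d" ] || [ -z "$(ls -A "$d")" ] ||
            { echo "stale content left in $d" >&2; return 1; }
    done
)

# usage: apply_idmprov_hotfix <tomcat_home> <hotfix_war> <backup_dir>
apply_idmprov_hotfix() (
    webapps=$1/webapps
    owner=${OWNER:-novlua:novlua}          # owner from step 6
    [ -f "$2" ] || { echo "hotfix WAR not found: $2" >&2; return 1; }
    [ -f "$webapps/IDMProv.war" ] || { echo "no IDMProv.war in $webapps" >&2; return 1; }
    # A directory under webapps would be deployed by Tomcat as its own context.
    case $3/ in
        "$webapps"/*) echo "backup_dir must be outside webapps" >&2; return 1 ;;
    esac

    # Step 2: back up the current WAR, keeping mode and timestamps.
    mkdir -p "$3" &&
        cp -p "$webapps/IDMProv.war" "$3/IDMProv.war.$(date +%Y%m%d%H%M%S)" || return 1
    # Step 4: remove the old WAR and its exploded directory.
    rm -rf "$webapps/IDMProv.war" "$webapps/IDMProv" || return 1
    # Steps 5 and 6: copy the hotfix WAR in, then set mode and ownership.
    cp "$2" "$webapps/IDMProv.war" &&
        chmod +x "$webapps/IDMProv.war" &&
        chown -R "$owner" "$webapps/IDMProv.war" || return 1
    # Step 7: empty temp and work (dotfiles included) but keep the directories.
    for d in "$1/temp" "$1/work"; do
        [ ! -d "$d" ] || find "$d" -mindepth 1 -delete || return 1
    done
    verify_idmprov_hotfix "$1" "$2"
)
```

In a cluster, run apply_idmprov_hotfix on each node and start netiq-tomcat.service on a node only when the function returns 0.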

1.2 Upgrading to Identity Applications 4.8.1 Hotfix 1 on Windows

  1. From the Windows services, stop the IDM Apps Tomcat Service running on your Identity Applications server.

  2. Back up the IDMProv.war file from the <Identity Applications Tomcat installed location>\webapps\ folder.

  3. Download and extract the IDM48-APPS-SP1_HF1.zip file from the NetIQ Download site.

  4. Delete the following from the <Identity Applications Tomcat installed location>\webapps\ folder.

    • IDMProv.war

    • IDMProv folder

  5. Locate the IDMProv.war file in the extracted file and copy it to the <Identity Applications Tomcat installed location>\webapps\ folder.

  6. Delete all the files and folders from the <Identity Applications Tomcat installed location>\temp and <Identity Applications Tomcat installed location>\work folders.

  7. From the Windows services, start the IDM Apps Tomcat Service on your Identity Applications server.

2.0 Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in NetIQ Identity Manager 4.8 Service Pack 1 Release Notes. If you need further assistance with any issue, please contact Technical Support.

3.0 Contact Information

Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.

For detailed contact information, see the Support Contact Information website.

For general corporate and product information, see the NetIQ Corporate website.

For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.

4.0 Legal Notice

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.

© 2020 NetIQ Corporation. All Rights Reserved.