The IDR 12.22.0.0.37 release includes improvements to the IDR software upgrade process. It also features Tomcat upgrade and removal of no-company-specific URLs.

Tomcat Upgrade

IDR v12.22.0.0.37 now runs Tomcat v9.0.98, which includes a fix for the critical vulnerability identified as CVE-2024-56337.

Removal of Non-Company-Specific URLs from IDR

Access through non-company-specific URLs will soon be disabled. This change involves replacing the URLs used by the IDR to connect to the Software Update Repository and Adapter Update Repository with company-specific URLs. To ensure uninterrupted access, add the company-specific URL to your firewall's allow-list.

To determine if you are impacted, sign in to the Cloud Administration Console, navigate to Platform > Identity Router, and expand the Identity Router section to view the Status Indicators.

The Software Update Service/Adapter Update Service Status Indicator includes three statuses:

• The first two statuses check the IDR's connectivity through region-specific URLs.
• The newly introduced third status, Company Specific URL, verifies connectivity through the company-specific URL.

If the Company Specific URL status shows as healthy, no action is needed. However, if it is unhealthy, check your firewall rules to ensure the company-specific URL is included in the allow-list.

RSA recommends adding the wildcard access domain name (*.{baseAccessDomainName}.securid.com) to your firewall’s allow-list. If it is already listed, no further action is required. If not, you must add the company-specific URL to the allow-list to maintain uninterrupted access.

Company-specific URL format: companyName.{baseAccessDNSName}.securid.com

Company-specific URL format for GOV deployment: companyName.access.securidgov.com

Example: If the company name is rsa-dev in US deployment, then the company-specific URL will be: rsa-dev.access.securid.com. 

Refer to the following table for baseAccessDNSName.