Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
DanShires
Contributor
Contributor

More details about AM-46855

Jump to solution

Is there any more information about More details about AM-4685 in the 8.6 Patch 4 other than "Updated the Oracle WebLogic components used by RSA Authentication Manager to prevent potential security vulnerabilities. JAVA is rolled back to 1.8.0_331. " ?

Does this issue map to a CVE?

Dan Shires
1 Solution

Accepted Solutions
RobertG
Occasional Contributor Occasional Contributor
Occasional Contributor

Hello,

There was a security advisory that was sent out related to various vulnerabilities resolved in Authentication Manager 8.6 Patch 4. Some of these are related to "AM-46855" listed in "Defects Fixed in Patch 4" section of the AM 8.6 Patch 4 readme: https://community.rsa.com/t5/securid-authentication-manager/rsa-authentication-manager-8-6-patch-4-readme/ta-p/685762.

The security advisory also recommends that customers upgrade at the earliest opportunity. This advisory can be found here: https://community.rsa.com/t5/securid-security-advisories/ssa-2022-08-securid-authentication-manager-security-update-for/ta-p/683905

 

View solution in original post

3 Replies
ravisundar_syf
New Contributor
New Contributor

Hi RSA Team,
 Regarding  AM-46855: Updated the Oracle WebLogic components used by RSA Authentication Manager to prevent
potential security vulnerabilities. JAVA is rolled back to 1.8.0_331.

Kindly confirm whether it's linked with CVE? and Do we have to apply this patch immediately ?.

 

Explored the additional details from below link,

Java™ SE Development Kit 8, Update 331 Release Notes (oracle.com)

 

0 Likes
RobertG
Occasional Contributor Occasional Contributor
Occasional Contributor

Hello,

There was a security advisory that was sent out related to various vulnerabilities resolved in Authentication Manager 8.6 Patch 4. Some of these are related to "AM-46855" listed in "Defects Fixed in Patch 4" section of the AM 8.6 Patch 4 readme: https://community.rsa.com/t5/securid-authentication-manager/rsa-authentication-manager-8-6-patch-4-readme/ta-p/685762.

The security advisory also recommends that customers upgrade at the earliest opportunity. This advisory can be found here: https://community.rsa.com/t5/securid-security-advisories/ssa-2022-08-securid-authentication-manager-security-update-for/ta-p/683905

 

Thank you for that.

Dan Shires
0 Likes