A security vulnerability has been discovered in an IDM component. The issue is present in IDM 7.0.0.
This advisory provides guidance on how to ensure your deployments can be secured. Workarounds or patches are available to resolve the issue.
The maximum severity of issues in this advisory is Critical. Deployers should take steps as outlined in this advisory and deploy the recommended workarounds or resolutions as described within each issue below.
|Product||ForgeRock Identity Management|
|Affected versions||IDM 7.0.0|
|Fixed versions||IDM 7.0.1|
|Component||IDM Remote Connector Server (RCS)|
Servlet authentication bypasses IDM's authentication filter.
Upgrade to IDM 7.0.1.
The following table tracks changes to the security advisory:
|February 24, 2021||Added ForgeRock Identity Platform taxon to improve categorization|
|September 8, 2020||Initial release|