September 8, 2020
A security vulnerability has been discovered in an IDM component. The issue is present in IDM 7.0.0.
This advisory provides guidance on how to ensure your deployments can be secured. Workarounds or patches are available to resolve the issue.
The maximum severity of issues in this advisory is Critical. Deployers should take steps as outlined in this advisory and deploy the recommended workarounds or resolutions as described within each issue below.
Issue #202002-01: Authentication Error(s)
|Product||ForgeRock Identity Management|
|Affected versions||IDM 7.0.0|
|Fixed versions||IDM 7.0.1|
|Component||IDM Remote Connector Server (RCS)|
Servlet authentication bypasses IDM's authentication filter.
Upgrade to IDM 7.0.1.
The following table tracks changes to the security advisory:
|September 8, 2020||Initial release|