Something went wrong... You can report this issue at backstage.forgerock.com
backstage/knowledgeKnowledge
  • libraries
  • Knowledge Base

Autonomous Identity

Home Browse

  • Latest
  • Security Advisories

Latest


Spring Framework Security Advisory #202203

The purpose of this advisory is to inform our customers that, based on current information, ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are NOT vulnerable to the Spring Framework vulnerabilities: Data Binding Rules CVE-2022-22968, RCE (Remote Code Execution) CVE-2022-22965 (Spring4shell), RCE CVE-2022-22963 and DoS (Denial of Service) CVE-2022-22950.


› Security Advisory
Last updated Apr 20, 2022

How do I connect to Google Cloud with a proxy server to download Docker images for Autonomous Identity?

The purpose of this article is to provide information on downloading Docker® images for Autonomous Identity from ForgeRock's Google Cloud® Registry (gcr.io) repository when you are using a proxy server.


› How To
Last updated Mar 22, 2022

How do I integrate Microsoft Azure AD with Autonomous Identity for SSO?

The purpose of this article is to provide the steps for configuring Single Sign-On (SSO) using Microsoft Azure Active Directory® (AD) as the IdP for Autonomous Identity.


› How To
Last updated Mar 10, 2022

Log4j Security Advisory #202111

The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.


› Security Advisory
Last updated Jan 5, 2022

Security Advisories


Spring Framework Security Advisory #202203

The purpose of this advisory is to inform our customers that, based on current information, ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are NOT vulnerable to the Spring Framework vulnerabilities: Data Binding Rules CVE-2022-22968, RCE (Remote Code Execution) CVE-2022-22965 (Spring4shell), RCE CVE-2022-22963 and DoS (Denial of Service) CVE-2022-22950.


› Security Advisory
Last updated Apr 20, 2022

Log4j Security Advisory #202111

The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.


› Security Advisory
Last updated Jan 5, 2022