filtered

Categories

Documents matching ALL selected categories


Type

Documents matching ANY selected type


Sort By

25 hits

Web and Java Agents Security Advisory #202201

A security vulnerability has been discovered in supported versions of Web and Java Agents when using specific configurations. This vulnerability affects versions: Web Agent 5.6.1.0 - 5.9.0, and Java Agent 5.7.1, 5.8.0, 5.8.1 and 5.9.0. It could be present in older unsupported versions. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Jan 24, 2022

Security Advisories

This book provides security advisories for ForgeRock products (AM, DS, IDM and IG).


Security Advisory
Last updated Jan 18, 2022

Log4j Security Advisory #202111

The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.


Security Advisory
Last updated Jan 5, 2022

AM Security Advisory #202110

Security vulnerabilities have been discovered in supported versions of Access Management (AM). These vulnerabilities affect versions 6.0.0.x, 6.5.0.x, 6.5.1, 6.5.2.x, 6.5.3, 7.0.x and 7.1.0, and could be present in older unsupported versions. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Dec 8, 2021

DS Security Advisory #202108

Security vulnerabilities have been discovered in supported versions of Directory Services (DS). These vulnerabilities affect version 7.1.0 only and are not present in older versions. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Dec 7, 2021

Java JDK Security Advisory #202109

ForgeRock are aware of a serious vulnerability in the implementation of certain cryptographic operations in Java JDK versions 15 and later. This affects Oracle® Java® and OpenJDK, including other JDKs derived from OpenJDK. You should follow the advice in this advisory to secure your deployments at the earliest opportunity.


Security Advisory
Last updated Nov 18, 2021

AM Security Advisory #202106

Security vulnerabilities have been discovered in supported versions of Access Management (AM). These vulnerabilities affect versions 6.0.0.x, 6.5.0.x, 6.5.1, 6.5.2.x, 6.5.3, 7.0.0 and 7.0.1, and could be present in older unsupported versions. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Oct 19, 2021

AM Security Advisory #202104

A security vulnerability has been discovered in supported versions of Access Management (AM). This vulnerability affects versions 6.0.0.x, 6.5.0.x, 6.5.1, 6.5.2.x and 6.5.3; it also affects older unsupported versions: AM 5.x; OpenAM 9.x, 10.x, 11.x, 12.x and 13.x. You should secure your deployments at the earliest opportunity as outlined in this security advisory. NOTE: This does not affect AM 7 and above.


Security Advisory
Last updated Oct 19, 2021

Web Agents Security Advisory #202107

A security vulnerability has been discovered in supported versions of Web Agents. This vulnerability affects versions 5.7.0, 5.7.1, 5.7.2, 5.8.0, 5.8.1, 5.8.2, and 5.8.2.1. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Sep 21, 2021

Web Agents Security Advisory #202105

Security vulnerabilities have been discovered in supported versions of Web Agents. These vulnerabilities affect versions 5.6.3, 5.7.0, 5.8.0, 5.8.1 and 5.8.2. You should secure your deployments at the earliest opportunity as outlined in this security advisory.


Security Advisory
Last updated Aug 23, 2021