Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack? (4380638)

Chatta subito con l'assistenza

Ottieni assistenza in tempo reale
Completa la registrazione

Accedi

Richiedi prezzo

Contatta il supporto vendite

Restituisci

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Titolo

Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack?
Descrizione

The "Shai-Hulud" NPM Supply Chain Attack involves a self-replicating worm which targets Node Package Manager (NPM) package containers across the open-source JavaScript ecosystem with the intention of collecting sensitive authentication credentials. The impacted packages are commonly used as developer assets in the development of other software products, which can lead to vulnerabilities within those products.
Risoluzione
To ensure customer security, One Identity followed industry best practices and tested the products listed below. Our testing did not identify any impacted packages in these products. No action is required from our customers at this time.

NOTE: We will continue to monitor this evolving situation and enhance our toolset if deemed necessary.
- Active Roles
- Defender
- Identity Manager
- Identity Manager Data Governance Edition (DGE)
- Identity Manager On Demand Starling Edition (SE)
- One Identity Safeguard for Privileged Passwords
- One Identity Safeguard for Privileged Sessions
- OneLogin
- PAM Essentials
- Password Manager
- Privilege Manager for UNIX
- Safeguard Authentication Services
- Safeguard for Sudo
- Safeguard on Demand
- Safeguard Privilege Manager for Windows
- Starling
- Starling Connect Connectors
- Syslog-NG Open Source (OSE)
- Syslog-NG Premium Edition (PE)
- Syslog-NG Store Box (SSB)

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Request a KB Article

Contenuti consigliati

Prodotto/i:: PAM Essentials
Hosted; Active Roles
8.2.1, 8.2, 8.1.5, 8.1.3, 8.1.1, 8.0.1 LTS, 8.0 LTS; Defender
6.7, 6.6, 6.5.1, 6.5, 6.4.1, 6.4, 6.3.1, 6.3, 6.2, 6.1; Identity Manager
9.3.1, 9.3, 9.2.2, 9.2.1, 9.2, 9.1.3, 9.1.2, 9.1, 9.0 LTS, 8.2.1; Identity Manager Data Governance Edition
9.3.1, 9.2.2, 9.2.1, 9.2, 9.1.3, 9.1.2, 9.1.1, 9.0 LTS, 8.2.1, 8.1.5, 8.1.4, 8.1.3, 8.1.2, 8.0.5; OneLogin
Hosted; One Identity Safeguard for Privileged Passwords
8.1, 8.0.1 LTS, 8.0 LTS, 7.0.5.1 LTS, 7.0.5 LTS, 7.4.2, 7.0.4.2 LTS, 7.0.4.1 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2 LTS, 7.0.1 LTS, 7.0 LTS, 6.14, 6.0.13 LTS, 6.0.12 LTS, 6.0.7 LTS, 6.7.3, 6.7.2, 6.7.1, 6.7; One Identity Safeguard for Privileged Sessions
8.1, 8.0.1 LTS, 8.0 LTS, 7.0.5.1 LTS, 7.0.5 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2.1 LTS, 7.0.2 LTS, 7.0.1.1 LTS, 7.0.1 LTS, 7.0 LTS, 6.14, 6.0.14 LTS, 6.0.13, 6.0.12, 6.0.11, 6.9.5, 6.9.4, 6.9.3, 6.9.2, 6.0.10, 6.0.9, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0 LTS; Password Manager
5.15, 5.14.5, 5.14.4, 5.14.3, 5.14.2, 5.14.1, 5.13.4, 5.14, 5.13.3, 5.13.2, 5.13.1, 5.12.3, 5.12.2, 5.12.1, 5.11.3, 5.11.2, 5.11.1, 5.10.1; Privilege Manager for Unix
7.4, 7.3, 7.2.3; Safeguard Authentication Services
6.1, 6.0.4 LTS, 6.0.3 LTS, 6.0.2 LTS, 6.0.1, 6.0 LTS, 5.1.3, 5.1.2, 5.1.1, 5.1, 5.0.8, 5.0.7; Safeguard On Demand
Hosted; Safeguard Privilege Manager for Windows
4.9, 4.8, 4.7.1, 4.6.1, 4.5.3, 4.7, 4.6, 4.5, 4.4.0.3, 4.4.0.2, 4.4.0.0; Safeguard for Sudo
7.4, 7.3, 7.2.3; syslog-ng Premium Edition
8.0.1, 8.0, 7.0.34, 7.0.33, 7.0.32, 7.0.29, 7.0.28, 7.0.27, 7.0.26, 7.0.20, 6.0.24, 6.0.23, 6.0.22, 6.0.21; syslog-ng Store Box
7.6.0, 7.5.0, 7.4.0, 7.3.0, 7.2.0, 7.1.0, 7.0.4 LTS, 7.0.3 LTS, 7.0.2 LTS, 7.0.1 LTS, 7.0 LTS, 6.0.5, 6.10.0, 6.9.0, 6.8.0; Starling Connect
Active Roles Integrated, Identity Manager Integrated, Hosted; Identity Manager On Demand - Starling Edition
Hosted

Argomento/i:: Technical Solutions

Cronologia articoli:: Data di creazione: 9/17/2025
Ultimo aggiornamento: 9/19/2025

Cerca in tutti gli articoli

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack? (4380638)

Titolo

Descrizione

Risoluzione

Leave a Comment