Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack? (4380638)

지금 지원 담당자와 채팅

라이브 도움말 보기
등록 완료

로그인

가격 산정 요청

영업 담당자에게 문의

반품

피드백 제출됨

이 문서로 해당 문제가 해결되었습니까?

평가 결과 선택

제목

Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack?
설명

The "Shai-Hulud" NPM Supply Chain Attack involves a self-replicating worm which targets Node Package Manager (NPM) package containers across the open-source JavaScript ecosystem with the intention of collecting sensitive authentication credentials. The impacted packages are commonly used as developer assets in the development of other software products, which can lead to vulnerabilities within those products.
해결 방안
To ensure customer security, One Identity followed industry best practices and tested the products listed below. Our testing did not identify any impacted packages in these products. No action is required from our customers at this time.

NOTE: We will continue to monitor this evolving situation and enhance our toolset if deemed necessary.
- Active Roles
- Defender
- Identity Manager
- Identity Manager Data Governance Edition (DGE)
- Identity Manager On Demand Starling Edition (SE)
- One Identity Safeguard for Privileged Passwords
- One Identity Safeguard for Privileged Sessions
- OneLogin
- PAM Essentials
- Password Manager
- Privilege Manager for UNIX
- Safeguard Authentication Services
- Safeguard for Sudo
- Safeguard on Demand
- Safeguard Privilege Manager for Windows
- Starling
- Starling Connect Connectors
- Syslog-NG Open Source (OSE)
- Syslog-NG Premium Edition (PE)
- Syslog-NG Store Box (SSB)

피드백 제출됨

이 문서로 해당 문제가 해결되었습니까?

평가 결과 선택

Request a KB Article

권장 콘텐츠

제품:: PAM Essentials
Hosted; Active Roles
8.2.1, 8.2, 8.1.5, 8.1.3, 8.1.1, 8.0.1 LTS, 8.0 LTS; Defender
6.7, 6.6, 6.5.1, 6.5, 6.4.1, 6.4, 6.3.1, 6.3, 6.2, 6.1; Identity Manager
9.3.1, 9.3, 9.2.2, 9.2.1, 9.2, 9.1.3, 9.1.2, 9.1, 9.0 LTS, 8.2.1; Identity Manager Data Governance Edition
9.3.1, 9.2.2, 9.2.1, 9.2, 9.1.3, 9.1.2, 9.1.1, 9.0 LTS, 8.2.1, 8.1.5, 8.1.4, 8.1.3, 8.1.2, 8.0.5; OneLogin
Hosted; One Identity Safeguard for Privileged Passwords
8.1, 8.0.1 LTS, 8.0 LTS, 7.0.5.1 LTS, 7.0.5 LTS, 7.4.2, 7.0.4.2 LTS, 7.0.4.1 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2 LTS, 7.0.1 LTS, 7.0 LTS, 6.14, 6.0.13 LTS, 6.0.12 LTS, 6.0.7 LTS, 6.7.3, 6.7.2, 6.7.1, 6.7; One Identity Safeguard for Privileged Sessions
8.1, 8.0.1 LTS, 8.0 LTS, 7.0.5.1 LTS, 7.0.5 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2.1 LTS, 7.0.2 LTS, 7.0.1.1 LTS, 7.0.1 LTS, 7.0 LTS, 6.14, 6.0.14 LTS, 6.0.13, 6.0.12, 6.0.11, 6.9.5, 6.9.4, 6.9.3, 6.9.2, 6.0.10, 6.0.9, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0 LTS; Password Manager
5.15, 5.14.5, 5.14.4, 5.14.3, 5.14.2, 5.14.1, 5.13.4, 5.14, 5.13.3, 5.13.2, 5.13.1, 5.12.3, 5.12.2, 5.12.1, 5.11.3, 5.11.2, 5.11.1, 5.10.1; Privilege Manager for Unix
7.4, 7.3, 7.2.3; Safeguard Authentication Services
6.1, 6.0.4 LTS, 6.0.3 LTS, 6.0.2 LTS, 6.0.1, 6.0 LTS, 5.1.3, 5.1.2, 5.1.1, 5.1, 5.0.8, 5.0.7; Safeguard On Demand
Hosted; Safeguard Privilege Manager for Windows
4.9, 4.8, 4.7.1, 4.6.1, 4.5.3, 4.7, 4.6, 4.5, 4.4.0.3, 4.4.0.2, 4.4.0.0; Safeguard for Sudo
7.4, 7.3, 7.2.3; syslog-ng Premium Edition
8.0.1, 8.0, 7.0.34, 7.0.33, 7.0.32, 7.0.29, 7.0.28, 7.0.27, 7.0.26, 7.0.20, 6.0.24, 6.0.23, 6.0.22, 6.0.21; syslog-ng Store Box
7.6.0, 7.5.0, 7.4.0, 7.3.0, 7.2.0, 7.1.0, 7.0.4 LTS, 7.0.3 LTS, 7.0.2 LTS, 7.0.1 LTS, 7.0 LTS, 6.0.5, 6.10.0, 6.9.0, 6.8.0; Starling Connect
Active Roles Integrated, Identity Manager Integrated, Hosted; Identity Manager On Demand - Starling Edition
Hosted

항목:: Technical Solutions

문서 내역:: 생성일: 9/17/2025
최종 업데이트 날짜: 9/19/2025

모든 기사 검색

제품을 선택하십시오.

더 나은 서비스 제공을 위해 채팅 목적을 작성해 주십시오.

문제에 대한 권장 솔루션

Are One Identity Products impacted by the "Shai-Hulud" NPM Supply Chain Attack? (4380638)

제목

설명

해결 방안

Leave a Comment