Potential product vulnerabilities have been identified in the following areas:
• Storage of the Master encryption key
• Storage of administrative service account credentials
Successful exploitation of these vulnerabilities would be dependent on and subject to direct privileged access, and as such represent only one of a number of potential opportunities open to a would-be attacker in such a position.
How does this affect Password Manager?
In an un-patched state Password Manager would remain potentially vulnerable to exploitation from attack internally or via authenticated, secured VPN access.
Resolution
To resolve the issues impacting Password Manager, as described in this notification, please install the associated security enhancement public hotfix for Password Manager for version 5.6.2, 5.6.3 available here:
https://support.quest.com/password-manager/kb/213268
Questions or comments
If you have any questions or comments, please Contact Support. If you have a technical issue, please log a Service Request. To manage your notifications Product Notifications.
Thank You,
One Identity
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy