One Identity has been named as an ASP "Ten Best Web Support Sites" award winner. Learn more.

Password Manager Product Notification

Self Service Tools
Knowledge Base
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
Support Essentials
Awards and Testimonials
License Agreement
Support Guide
Return
Critical
Critical Product Notification - Security Enhancements for Password Manager 5.6.2, 5.6.3

Potential product vulnerabilities have been identified in the following areas:

• Storage of the Master encryption key

• Storage of administrative service account credentials

Successful exploitation of these vulnerabilities would be dependent on and subject to direct privileged access, and as such represent only one of a number of potential opportunities open to a would-be attacker in such a position.

How does this affect Password Manager?

In an un-patched state Password Manager would remain potentially vulnerable to exploitation from attack internally or via authenticated, secured VPN access.

Resolution

To resolve the issues impacting Password Manager, as described in this notification, please install the associated security enhancement public hotfix for Password Manager for version 5.6.2, 5.6.3 available here:  

https://support.quest.com/password-manager/kb/213268   

Questions or comments 

If you have any questions or comments, please Contact Support. If you have a technical issue, please log a Service Request.  To manage your notifications Product Notifications.  

Thank You,
One Identity

A Quest Business