立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 7.0.1.1 LTS - Release Notes

Release Notes

One Identity Safeguard for Privileged Sessions 7.0.1.1 LTS

Release Notes

06 April 2023, 11:45

These release notes provide information about the One Identity Safeguard for Privileged Sessions release. For the most recent documents and product information, see One Identity Safeguard for Privileged Sessions - Technical Documentation.

Topics:

About this release

One Identity Safeguard for Privileged Sessions Version 7.0.1.1 LTS is a maintenance release with known issues. For details, see:

NOTE: For a full list of key features in One Identity Safeguard for Privileged Sessions, see Administration Guide.

About the Safeguard product line

The One Identity Safeguard Appliance is built specifically for use only with the Safeguard privileged management software, which is pre-installed and ready for immediate use. The appliance is hardened to ensure the system is secured at the hardware, operating system and software levels. The hardened appliance approach protects the privileged management software from attacks while simplifying deployment and ongoing management -- and shortening the timeframe to value.

Safeguard privileged management software suite

Safeguard privileged management software is used to control, monitor, and govern privileged user accounts and activities to identify possible malicious activities, detect entitlement risks, and provide tamper proof evidence. The Safeguard products also aid incident investigation, forensics work, and compliance efforts.

The Safeguard products' unique strengths are:

  • One-stop solution for all privileged access management needs

  • Easy to deploy and integrate

  • Unparalleled depth of recording

  • Comprehensive risk analysis of entitlements and activities

  • Thorough Governance for privileged account

The suite includes the following modules:

  • One Identity Safeguard for Privileged Passwords automates, controls and secures the process of granting privileged credentials with role-based access management and automated workflows. Deployed on a hardened appliance, Safeguard for Privileged Passwords eliminates concerns about secured access to the solution itself, which helps to speed integration with your systems and IT strategies. Plus, its user-centered design means a small learning curve and the ability to manage passwords from anywhere and using nearly any device. The result is a solution that secures your enterprise and enables your privileged users with a new level of freedom and functionality.
  • One Identity Safeguard for Privileged Sessions is part of One Identity's Privileged Access Management portfolio. Addressing large enterprise needs, Safeguard for Privileged Sessions is a privileged session management solution, which provides industry-leading access control, as well as session monitoring and recording to prevent privileged account misuse, facilitate compliance, and accelerate forensics investigations.

    Safeguard for Privileged Sessions is a quickly deployable enterprise appliance, completely independent from clients and servers - integrating seamlessly into existing networks. It captures the activity data necessary for user profiling and enables full user session drill-down for forensics investigations.

  • One Identity Safeguard for Privileged Analytics integrates data from Safeguard for Privileged Sessions to use as the basis of privileged user behavior analysis. Safeguard for Privileged Analytics uses machine learning algorithms to scrutinize behavioral characteristics and generates user behavior profiles for each individual privileged user. Safeguard for Privileged Analytics compares actual user activity to user profiles in real time and profiles are continually adjusted using machine learning. Safeguard for Privileged Analytics detects anomalies and ranks them based on risk so you can prioritize and take appropriate action - and ultimately prevent data breaches.

Resolved issues

The following is a list of issues addressed in this release.

Table 1: General resolved issues in release 7.0.1.1 LTS
Resolved Issue Issue ID

RDP login could terminate all connections.

In some rare cases, a domain user who successfully logged in to a domain-joined RDP server through SPS could cause all RDP connections to terminate. In this case, a core file was also generated. This issue mainly affected transparent connections, or connections where SPS was acting as an RD Gateway, and where the server was behaving in a specific incorrect way during SPNEGO-based NLA authentication.

This has been fixed, the non-standard server behavior is now handled gracefully, and the affected connections can now pass.

388421

Using the default timeout for NFS mounts.

Previously, the NFS timeout was set to 15 seconds, instead of the default value of 60 seconds.

This has been fixed and now the default value is used.

389010

There was an upgrade scenario which could result in data loss if the Elasticsearch re-indexing did not finish before the upgrade. This issue has been resolved.

392760

Table 2: Resolved Common Vulnerabilities and Exposures (CVE) in release 7.0.1.1 LTS
Resolved Issue Issue ID

bind9:

CVE-2022-2795

 

CVE-2022-38177

 

CVE-2022-38178

cloud-init:

CVE-2022-2084

curl:

CVE-2022-32221

 

CVE-2022-35252

dbus:

CVE-2022-42010

 

CVE-2022-42011

 

CVE-2022-42012

expat:

CVE-2022-40674

 

CVE-2022-43680

gmp:

CVE-2021-43618

gnutls28:

CVE-2021-4209

 

CVE-2022-2509

heimdal:

CVE-2021-3671

 

CVE-2022-3116

 

CVE-2022-41916

isc-dhcp:

CVE-2022-2928

 

CVE-2022-2929

jbigkit:

CVE-2017-9937

ldb:

CVE-2021-3670

 

CVE-2022-32745

 

CVE-2022-32746

libjpeg-turbo:

CVE-2020-17541

 

CVE-2020-35538

 

CVE-2021-46822

libksba:

CVE-2022-3515

libtirpc:

CVE-2021-46828

libxml2:

CVE-2016-3709

 

CVE-2022-2309

 

CVE-2022-40303

 

CVE-2022-40304

libxslt:

CVE-2021-30560

linux:

CVE-2021-33061

 

CVE-2021-33655

 

CVE-2021-33656

 

CVE-2022-1652

 

CVE-2022-1679

 

CVE-2022-1734

 

CVE-2022-2586

 

CVE-2022-2588

 

CVE-2022-2602

 

CVE-2022-28893

 

CVE-2022-2978

 

CVE-2022-29901

 

CVE-2022-3028

 

CVE-2022-3176

 

CVE-2022-34918

 

CVE-2022-3524

 

CVE-2022-3564

 

CVE-2022-3565

 

CVE-2022-3566

 

CVE-2022-3567

 

CVE-2022-3594

 

CVE-2022-3621

 

CVE-2022-36946

 

CVE-2022-40768

 

CVE-2022-41674

 

CVE-2022-42703

 

CVE-2022-42719

 

CVE-2022-42720

 

CVE-2022-42721

multipath-tools:

CVE-2022-41973

 

CVE-2022-41974

mysql-8.0:

CVE-2022-21509

 

CVE-2022-21515

 

CVE-2022-21517

 

CVE-2022-21522

 

CVE-2022-21525

 

CVE-2022-21526

 

CVE-2022-21527

 

CVE-2022-21528

 

CVE-2022-21529

 

CVE-2022-21530

 

CVE-2022-21531

 

CVE-2022-21534

 

CVE-2022-21537

 

CVE-2022-21538

 

CVE-2022-21539

 

CVE-2022-21547

 

CVE-2022-21553

 

CVE-2022-21569

 

CVE-2022-21594

 

CVE-2022-21599

 

CVE-2022-21604

 

CVE-2022-21608

 

CVE-2022-21611

 

CVE-2022-21617

 

CVE-2022-21625

 

CVE-2022-21632

 

CVE-2022-21633

 

CVE-2022-21637

 

CVE-2022-21640

 

CVE-2022-39400

 

CVE-2022-39408

 

CVE-2022-39410

net-snmp:

CVE-2022-24805

 

CVE-2022-24806

 

CVE-2022-24807

 

CVE-2022-24808

 

CVE-2022-24809

 

CVE-2022-24810

nginx:

CVE-2022-41741

 

CVE-2022-41742

open-vm-tools:

CVE-2022-31676

openjdk-lts:

CVE-2022-21540

 

CVE-2022-21541

 

CVE-2022-34169

pcre2:

CVE-2022-1586

 

CVE-2022-1587

perl:

CVE-2020-16156

php7.4:

CVE-2022-31628

 

CVE-2022-31629

 

CVE-2022-31630

 

CVE-2022-37454

pillow:

CVE-2022-22817

 

CVE-2022-24303

 

CVE-2022-45198

pixman:

CVE-2022-44638

postgresql-12:

CVE-2022-2625

python3.8:

CVE-2022-37454

 

CVE-2022-45061

rsync:

CVE-2022-37434

samba:

CVE-2021-3670

 

CVE-2022-2031

 

CVE-2022-32742

 

CVE-2022-32744

 

CVE-2022-32745

 

CVE-2022-32746

shadow:

CVE-2013-4235

sqlite3:

CVE-2020-35525

 

CVE-2020-35527

 

CVE-2021-20223

 

CVE-2022-35737

strongswan:

CVE-2022-40617

sysstat:

CVE-2022-39377

tiff:

CVE-2022-0907

 

CVE-2022-0908

 

CVE-2022-0909

 

CVE-2022-0924

 

CVE-2022-1354

 

CVE-2022-1355

 

CVE-2022-2056

 

CVE-2022-2057

 

CVE-2022-2058

 

CVE-2022-22844

 

CVE-2022-2867

 

CVE-2022-2868

 

CVE-2022-2869

 

CVE-2022-34526

 

CVE-2022-3570

 

CVE-2022-3598

 

CVE-2022-3599

 

CVE-2022-3970

vim:

CVE-2022-0943

 

CVE-2022-1154

 

CVE-2022-1616

 

CVE-2022-1619

 

CVE-2022-1620

 

CVE-2022-1621

wayland:

CVE-2021-3782

zlib:

CVE-2022-37434
自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级