Access Manager 5.0 Service Pack 4 Patch 1 (5.0.4.1) supersedes Access Manager 5.0.4.
For the list of software fixes and enhancements in the previous release, see Access Manager 5.0.4 Release Notes.
For information about Access Manager support lifecycle, see the Product Support Lifecycle page.
If you have suggestions for documentation improvements, click comment on this topic at the top or bottom of the specific page in the HTML version of the documentation posted on the Documentation page.
This release provides the following updated components:
Apache HTTP Server 2.4.62
Tomcat 9.0.91
Zulu jdk 8.0.392
Log4j 2.17.1
eDirectory 9.2.7
iManager 326_P3
Access Manager 5.0 Service Pack 4 Patch 1 resolves the following security issues:
Directory traversal vulnerability in Access Manager, CVE-2024-4556.
For more information, see KM000032782.
User impersonation with multi-factor authentication when configured in specification, CVE-2024-4555.
For more information, see KM000032781.
Multiple XSS vulnerability in Access Manager, CVE-2024-4554.
For more information, see KM000032780.
Access Manager supports radius authentication class. RADIUS client is updated to consistently send the Message-Authenticator (MA) attribute at the beginning of all RADIUS messages when the MessageAuthenticatorAttribute is set to true at Method configuration, CVE-2024-3596.
For more information, see Configuring Authentication Methods in the NetIQ Access Manager 5.0 Administration Guide.
After purchasing Access Manager 5.0.4.1, download the software and the license from the Software License and Download portal.
Table 1 Files Available for Access Manager 5.0.4.1
Filename |
Description |
---|---|
AM_5041_AccessManagerService_Linux64.tar.gz |
Contains the Identity Server and Administration Console .tar file. |
AM_5041_AccessGatewayService_Linux64.tar.gz |
Contains the Access Gateway Service .tar file for Linux. |
AM_5041_AccessGatewayAppliance.tar.gz |
Contains the Access Gateway Service .tar file. |
AM_5041_Containers.tar.gz |
Contains the .tar file of all the images for Docker deployment. |
AM_5041_HelmChart-1.0.5.tgz |
Contains the Access Manager Helm Chart 1.0.5. |
After upgrading to Access Manager 5.0.4.1, verify that the version number of the component is indicated as 5.0.4.1-25. To verify the version number, perform the following steps:
In Administration Console Dashboard, click Troubleshooting > Version.
Verify that the Version field lists 5.0.4.1-25.
For specific product issues, contact Micro Focus Support at https://www.microfocus.com/support-and-services/.
Additional technical information or advice is available from several sources:
Product documentation, Knowledge Base articles, and videos: https://www.microfocus.com/support-and-services/
The Micro Focus Community pages: https://www.microfocus.com/communities/
© 2009 - 2024 Open Text. Patents may cover this product, see https://www.opentext.com/patents.