If you are using LDAP authentication for your OSSIM or USM installation you may want to hold off the v5.3.2 upgrade.
In a recent message from AlienVault, an issue has been detected during the password reset process post upgrade. The Password reset process was initiated to improve the security of password storage within OSSIM and USM, however this process is not working correctly for LDAP authentication.
The message from AlienVault reads:
After the release of v5.3.2 for USM and OSSIM, we identified a defect that impacts customers using LDAP authentication. If you have already upgraded to v5.3.2, you may have noticed that there was a forced password reset upon the first login. This reset was intentional and was added to improve the security of how passwords are stored. However, this reset process is not working properly for LDAP authentications.
An update will be available later this week in the update server to resolve this issue. This update will patch the LDAP authentication issue so that logins will no longer be a problem.
If you are using LDAP authentication, please wait to update until the hotfix release is available.
If you have any questions or experience any issues resulting from this update, please reach out to our Support Team (support@alienvault.com).
No comments:
Post a Comment