ADSelfService Plus Fixes and Enhancements [2022]

Release Notes for build 6203 (Jun 30, 2022)
Issue fixed:
  • A denial-of-service issue (CVE-2022-34829) in the ADSelfService Plus Mobile App Deployment API has now been fixed.
    For more information, refer to our security advisory page.

Release Notes for build 6202 (Jun 27, 2022)
Security enhancement:
  • An option to prevent user enumeration by initiating a mock MFA process has now been included. This has been implemented to mitigate CVE-2022-28987.
Issue fixed:
  • An issue in which the Change Password notification was not triggered when the operation was performed via the mobile application or mobile web browser has now been fixed.

Release Notes for build 6201 (Jun 9, 2022)
Enhancements:
  • Mac Agent support has now been extended to macOS Monterey.
  • XLSX format is now supported for exporting reports.
  • An option to extend the portal session expiration duration to one day has now been provided.
Issues fixed:
  • Performance-related issues in User Reports, Restricted Users report, Password Expiration Notification, and Unrestrict Users scheduler have now been fixed.
  • An issue that blocked the database query while sending enrollment push notifications has now been resolved.
  • An issue in VPN MFA when the configured MFA method was push notification has now been fixed.

Release Notes for build 6200 (May 24, 2022)
Issues fixed:
  • The communication between the Password Sync Agent and the ADSelfService Plus server has now been secured with the inclusion of an access key (CVE-2021-37423). For more information, refer to our security advisory page.
  • An issue which exposed the username information in the request URL sent to the ADSelfService Plus server upon successful IdP authentication has now been fixed.
  • An issue where the embedded employee search option was not displaying the desired results has now been resolved.
  • To enhance security, the Spring JAR files used in the product have now been updated to version 5.3.18.

Note: If you are already using the Password Sync Agent and wish to upgrade to build 6200, you must reinstall the Password Sync Agent to ensure proper functioning of the agent. Click here for the Password Sync Agent installation steps.


Release Notes for build 6123 (Apr 13, 2022)
Issues fixed:
  • A security vulnerability which exposed admin credentials if the ADSelfService Plus server access was compromised while installing the login agent using Remcom and RemoteExec methods has now been fixed.
  • A security vulnerability which caused XSS script execution in the Configured Domains page has now been fixed.

Release Notes for build 6122 (Apr 09, 2022)
Issue fixed:
  • In product instances where post-action custom scripts are enabled, a security vulnerability (CVE-2022-28810) which could lead to remote code execution during password reset and password change has been fixed. This vulnerability was reported by Hernan Diaz, Andrew Iwamaye, and Jake Baines of Rapid7.

Release Notes for build 6121 (Mar 03, 2022)
Issues fixed:
  • A security vulnerability (CVE-2022-24681) which allowed XSS script execution in the reset password, unlock account, and user must change password pages has now been fixed.
  • A vulnerability causing the NTLM hash to be disclosed to operators when configuring the storage path of a remote machine in the Reports tab has now been fixed.

Release Notes for build 6120 (Feb 11, 2022)
Enhancements:
  • Site-based DC Update: Lets you assign a particular set of domain controllers (DCs) to an OU so that self-service changes made by users from that OU are quickly updated in the DCs assigned to that OU.
  • Password Sync tab is now equipped with the capability to deselect all the linked accounts for password reset, account unlock, and password change operations.
  • An option that allows domain display name to be shown or hidden in the end-user portal/pages has now been added in the Reset & Unlock tab.
  • IP-based portal restriction will now deny technician logins from blacklisted IP addresses.
  • Windows MFA, which was earlier prompted for user login and screen unlock, will now be prompted only during user login.
Issues fixed:
  • Glitches in applying MFA to macOS machines whose names contained spaces have been resolved.
  • When the login page was customized to display only the login button, the drop-down list had glitches. This issue has now been resolved.
  • An issue which caused SAML SSO to fail for custom applications, because only the "Exclusive Canonicalization with Comments" XML canonicalization method was supported, has now been fixed.
  • An issue in which mail content was added to the syslog files has now been fixed.
  • An issue specific to the Germany locale in displaying the number in the password policy enforcer text has now been fixed.
  • Text customizations made in the Language Customization tab for languages other than English were not being reflected. This has been fixed.
  • A memory leak issue in VPN MFA's NPS extension has now been fixed.