Is Identity Manager impacted by CVE-2017-8563
search cancel

Is Identity Manager impacted by CVE-2017-8563


Article ID: 188750


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite


Microsoft has released a patch ( to protect against vulnerability CVE-2017-8563.  Does this patch impact CA Identity Manager (Symantec IGA)  functionality?



Release : 14.3

Component : IdentityMinder(Identity Manager)


We have reviewed the Microsoft Document ( and its hardening response to CVE-2017-8563.  The patch is designed to provide hardening to Ldaps.  Employing the fix allows administrators to enforce secured signing (encryption) for LDAP bindings using SSL (Secure Socket Layers).  This will ensure that any non-secure Ldap requests are rejected either over port 389 (using SASL) or 636 (Ldap over SSL) where no valid certificate exists.  

The patch does not impact CA Identity Manager Provisioning if SSL has been enabled at the Endpoint.