search cancel

Windows KB5004442 Impact on UIM ?

book

Article ID: 244482

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

Is UIM vulnerable with Microsoft KB5004442 CVE-2021-26414?

https://support.microsoft.com/en-us/topic/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c

Environment

Release : 20.4

Component : UIM - SECURITY VULNERABILITIES

Resolution

Our engineering team has confirmed that we do not use DCOM RPC in UIM. We use our own callback mechanism that serves the purpose of RPC.