HW-189454 - Patch instructions to upgrade JQuery and Java versions
search cancel

HW-189454 - Patch instructions to upgrade JQuery and Java versions

book

Article ID: 327326

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

This article provides important information for upgrading the JQuery and Java versions to fix the below vulnerabilities. 

List of affected version

 Product Component  

 Version(s)  

 Applicable CVE(s) 

 VMware Identity Manager Appliance 

 3.3.7 

 CVE-2023-21930
 CVE-2023-21937
 CVE-2023-21938
 CVE-2023-21939
 CVE-2023-21954
 CVE-2023-21967
 CVE-2023-21968
 CVE-2021-41184



Environment

VMware Identity Manager 3.3.x

Resolution

Before You Begin:
  • It is recommended to upgrade instances of unsupported versions to newer, supported versions first before applying the patch. This procedure will not work for other versions. Please refer to the VMware Lifecycle Matrix for the list of supported versions of the product.
  • It is strongly recommended to take a snapshot or backup of the Appliance(s) and the database server before applying the procedure.
  • Download the patches:

     Product Component  

     Version(s)  

     VMware Identity Manager Appliance 

      3.3.7  


Note: If you are running a cluster deployment, repeat the steps above on all additional nodes of the cluster.

Patch Deployment Procedure:
  1. Login as sshuser, sudo to root level access
  2. Download and transfer HW-189454-Appliance-3.3.7.zip to the virtual appliance. This zip file can be saved anywhere on the file system. VMware recommends SCP protocol to transfer the file to the appliance. Tools such as winscp can also be used to transfer the file to the appliance.
  3. Unzip the file using the command below.
            unzip HW-189454-Appliance-3.3.7.zip -d HW-189454-Appliance-3.3.7
  4. Navigate to the files within the unzipped folder using the command below.
            cd HW-189454-Appliance-3.3.7
  5. Run the patch script using the below command
            ./HW-189454-applyPatch.sh
Patch Deployment Validations:
After the patch deployment, perform the below steps to confirm the patch is applied successfully
  1. Login as an Administrator to the VIDM Console and verify the System Diagnostics page is green.
  2. If the patch is applied successfully you can find a flag file created as HW-189454-3.3.7-hotfix.applied in /usr/local/horizon/conf/flags directory.
  3. Login as a local administrator into the Service and navigate to the Legacy Connector page. Click on the Worker link and check whether the auth adapters load under the "Auth Adapters" tab. Click on any Enabled auth adapter and check if the page opens correctly. 
  4. Perform Directory Sync to validate users/groups are synced.
  5. Check in the UI portal, if all tabs open properly, including the cfg page https://<vidm-hostname>:8443


Additional Information

To revert this patch, you can revert to the appliance(s) snapshot and the database backup taken before applying these steps.