Find Answers

Filter Search Results
All Operating Systems:
All Products:

All Solution Types:
Ask a Question
Example: "Database could not be verified"  
Tips | Start Over | Solutions | Alerts | Patches | Defects  
Pages [Next]
CMS-XML Using the File Server to Enhance Performance and Security with Version Manager 8.x
Attached to this article are the notes of a presentation that was given on this subject at Serena xChange 2007. It sheds light on configuration best practices for the PVCS Version Manager File Server, helping you to make configuration decisions for how to set up project databases to improve performance and archive security .
CMS-XML KM-Dim8: Reported Defect DEF72287: Issue Fixed in Dimensions 9.1.3: TD Versioning plugin logs userid's and passwords without encryption
The TD Versioning plug in - logs the connecting users's userids and passwords into the log file without password encryption - this is a high security issue. In Dimensions 9.1.3 there will be a new environment variable in the dm.cfg file DM_TDVCNATIVE_LOGFILE should to point to a logfile in any drive. In this log file : Passwords should appear as XXXXXXXX and those with no passwords should appear "No Password"
CMS-XML DMCM: Java 8 known issue with SSL encryption impacts CM SSO\CAC on Solaris
Disable the GCM implementation from the OracleUcrypto provider by adding the "Cipher.AES/GCM/NoPadding" string to the disabledServices section in its provider configuration file, for example, <java-home>/lib/ security /ucrypto-solaris.cfg.
CMS-XML Subsystem-Unique Checking of New Functional Security Entities Implemented in ZMF 8.2
Security Server software that issues a RACROUTE RC= 8 for a profile not found condition (e.g. CA-ACF2, CA-TSS), and RACF environments that have overridden the default return code for a 'profile not found' condition from 4 to 8 , must define the subsystem profile names for all subsystems. If they do not the response will be incorrectly interpreted as users being denied access to the functions and they will not be allowed to access them.
CMS-XML VM 8.2.1 - Security violation: user can perform actions prohibited by Access List
P2523 . Please use that patch instead. A Version Manager security violation has been found that allows a user to perform actions on an archive based on his/her base privileges, even though the archive has an Access List (of which the user is a member) that does not include the privilege for the action performed.
CMS-XML VM 8.5 - Embedded JRE has security vulnerabilities and a bug that intermittently breaks SSL
Version Manager ships with an embedded JRE that is used to run the VM desktop client and the Serena VM Web Application Server. For VM 8.5.0, it uses Java 7 Update 40 (1.7.0_40). A number of security vulnerabilities have since been discovered, as documented in the Java 7 Update Release Notes .
PDF Solutions Business Manager 11.8 Web Application Security Assessment White Paper
Micro Focus applies a multi-layered approach for security within SBM, incorporating best practices for preventing security breaches, as well as ensuring data integrity and confidentiality. MicroFocusTakes SecuritySeriously Internet applications are always vulnerable to attacks by various malicious users, abusive bots, and crawl- ers that can exploit weaknesses in the data security model to gain unauthorized access to important data.
CMS-XML ZMF 8.1 Passticket validation for protected userids
If an XML Service is executed on a ‘remote’ LPAR (i.e. one that is not hosting the ZMF Server started task), or on a 'local' LPAR using a TCP/IP connection method (e.g. the default method for SERXMLRC), and the submitter is a protected userid then the following symptoms are likely to be encountered on a ZMF 8 .1+ subsystem.
CMS-XML VM I-Net: IE 7 and IE 8 crash using the web client when DEP/NX memory protection is enabled in the browser
The feature is listed in the Security section on the Advanced tab of Internet Explorer's Tools -> Internet Options dialog: The feature is not enabled by default in IE 7, but it is enabled by default as of IE 8. Some customers find that, when they enable this feature, IE will crash when trying to access the VM I-Net web client with a message similar to:
CMS-XML VM 8.6.1+: VM I-Net Web Client fails to connect to VM server via a load balancer, firewall or network security software after upgrading to VM 8.6.1 or newer
For network security software (e.g. end-point- security ), add an exemption for the hostname/URL of the VM Server. (Sometimes changing the port in the URL from primary port 8080 to backup port 8090 can work to bypass the blockade, as this lesser known port may not have its traffic inspected by the security software.)
Pages [Next]

Welcome kb sso

My Recent Searches

Search Feedback

Are we answering your questions?

Additional Assistance

  • Submit a Case Online
  • FAQs