A hotfix has been created to address a potential security vulnerability. This hotfix applies to SMA versions: 8.0, 8.1, 9.0, and 9.1. You may download the hotfix and install it immediately, or wait for update distribution via the advertised appliance upgrade process. We encourage everyone to upgrade at your earliest convenience.

After the hotfix is applied or the appliance is updated via the appliance upgrade distribution process, the following versions will contain the fix for the potential security vulnerability: 8.0.321

8.1.109

9.0.271

9.1.318 or later

If you are running a version older than 8.0, it is highly recommend that you upgrade to 8.0.321 (hot fixed version) at a minimum. Q. What is the security vulnerability?

A. We found areas of the code where privilege escalation and remote code execution might occur. Q. What areas of the product does this vulnerability affect?

A. Provisioning, Service Desk Email, Error handling, Settings, Reporting, KB Articles. Q. Do I need to upgrade to the latest version of the product?

A. We recommend at the very minimum that customers apply the hotfix (version 8.0.321 at a minimum). All subsequent version upgrades (from 8.1) will contain the security vulnerability fix.

Q. How can I confirm that my appliance is at risk?

A. If you are on one of the affected versions (8.0, 8.1, 9.0, and 9.1 that are less than those listed in the post hotfix versioning) you may be at risk. However, we are not aware of any of these vulnerabilities being exploited to date.