FMS 5.9.5 Hotfix HFIX-314 (4304899)

FMS 5.9.5 Hotfix HFIX-314

Quest Foglight CommandLineService Use of Hard-coded Credentials Remote Code Execution Vulnerability.

Defect ID        Resolved Issue
FGL-20406      Fixed issue regarding Foglight Remote Code Execution Vulnerability ZDI-CAN-9553

Resolution

Download the hotfix file for Foglight here.

Download the hotfix file for Foglight for Evolve here.

Download the hotfix file for Foglight for Virtualization here.

Download the hotfix file for Foglight for Database here.

Download the hotfix file for Foglight for Storage here.

 

Compatibility of this hotfix

• Foglight Management Server                      5.9.2, 5.9.3, 5.9.4, 5.9.5 and 5.9.6       All platforms
• Fogligh Evolve                                             9.0 and 9.1                                           All platforms
• Foglight for Virtualization Enterprise         8.7.5, 8.8, 8.8.5, 8.9 and 8.9.1             All platforms
• Foglight for Database                                  5.9.2, 5.9.3, 5.9.5                                All platforms
• Foglight for Storage                                    4.5.5, 4.6, 4.6.5, 4.7 and 4.8                All platforms
  
  

System requirements

This hotfix can be applied to all platforms and systems that are supported from Foglight 5.9.2 to 5.9.6.

Installing this hotfix

1. Extract the hotfix script reset_internal_accounts_pwd.groovy from the hotfix archive
2. For HA environment, stop all secondary nodes
3. Run the script reset_internal_accounts_pwd.groovy using foglight adminitration acount:
   
   Option 1: Run the script from Foglight UI (User Interface)

               Navigate to Script Editor (Administration > Tooling > Script Console > Scripts tab):
               Click the "Add" button
               Paste in the script in the Script box and click Run. Note that it may take some time to complete.

Option 2: Run the script from Foglight Command Line:
               Make a remote connection to Foglight Management Server, then copy and and paste the script file into the %FMS_HOME\bin directory and type the following:

Windows: %FMS_HOME\bin\fglcmd.bat -usr foglight -pwd -cmd script:run -f %FMS_HOME\reset_internal_accounts_pwd.groovy Linux: %FMS_HOME/bin/fglcmd.sh -usr foglight -pwd -cmd script:run -f %FMS_HOME/bin/reset_internal_accounts_pwd.groovy

Check script output of success message:

Password reset success for __report__
Password reset success for __service__

1. Restart FMS Server
2. For HA environment, start all secondary nodes

Verifying successful completion

To determine if this hotfix is installed:

     You get success message from script output

Removing this hotfix

      This hotfix cannot be uninstalled.

 

Note: Quest Software would like to thank rgod of 9sg working with Trend Micro Zero Day Initiative for bringing this vulnerability CVE-2020-8868 to our attention

FGL-20406

reset_internal_accounts_pwd