CP-IMV-140100-0001 Release Notes

The following defects have been fixed in this Cumulative Patch:
cis141
Defects Fixed
The following defects have been fixed in this Cumulative Patch:
 
Support Ticket
 
 
Engineering Ticket
 
 
Problem Summary
 
 
Root Cause and Additional Deployment Instructions
 
 
Associated Risk
 
769108
DE300107
User authentication error message on a locked user account creates vulnerability issue. 
Authentication proceeded whether user disabled or not 
HIGH
807335
DE308962
The load time for few operations in CA Identity Portal is long.
Enhancement
Additional Deployment Instructions:
 
Find additional instructions at:
HIGH
682588
DE278785
ADS Description field is not populated in Active Directory
Duplicate display values in the dropdown causing the key getting updated with wrong attribute name.
HIGH
776204
DE302776
Even though NO CICS segment is configured in CA Identity Manager, an account is created on an endpoint with CICS segment.
  1. RACF connector sets the OperatorReSignon attribute value to 0, by default.
  2. When viewing a user from CA Identity Manager, CICS segment seems enabled even though it is disabled on an endpoint. This is because of the wrong approach used to figure out whether CICS segment is enabled on an endpoint.
HIGH
776204
DE302776
Even though NO CICS segment is configured in CA Identity Manager, an account is created on an endpoint with CICS segment.
  1. RACF connector sets the OperatorReSignon attribute value to 0, by default.
  2. When viewing a user from CA Identity Manager, CICS segment seems enabled even though it is disabled on an endpoint. This is because of the wrong approach used to figure out whether CICS segment is enabled on an endpoint.
HIGH
727657
DE292855
Connector C++ service crashes
Windows ldap library(winldap) throwing exception instead of ldap error
HIGH
811262
DE310179
Getting the ClassCastException error when custom workpoint code (WorkflowScriptMethods.java) is involved in a custom workpoint process which is triggered by an Admin Modify user task.
ClassCastException error is not handled properly.
HIGH
770799
DE300208
New snapshot definitions retrieve only 1024 users instead of 34,000
Paging is not working when you include Users in the Snapshot.
MEDIUM
774014
DE300732
Modifying custom snapshot is failing with Number format exception.
Casting an empty string to Integer causes the number format exception.
MEDIUM
669977
DE275328
Web Service Configuration ID field
Web service configuration Id must not start with numeric value.
MEDIUM
773999
DE301721
Invalid user type constant
Type casting the user type to integer without verifying whether the value is a number causes the issue.
MEDIUM
691738
DE291620
Cannot remove SAP Account parameter
Unable to remove the SAP parameter values from SAP account from CA Identity Manager and Provisioning Manager. SAP parameter is a multi-valued compound attribute. SAP parameter has three fields (Parameter name, value, and short text). On removing the values, CA Identity Manager sends only the first two fields (Parameter name, value) to the SAP Connector and Connector tries to match with three fields which were already retrieved from Endpoint and hence the mismatch.
MEDIUM
734257
DE290128
Captcha fails to work in CA Identity Manager User Console.
Google recaptcha v1 support is deprecated. 
 
Additional Deployment Instructions:
 
Find the steps to configure reCaptcha at:
MEDIUM
666263
DE285345
'array index out of range' when using bulk loader
Conflict between previous patches caused this problem.
MEDIUM
765242
DE299689
Inconsistent Search results for Search filters in "Manage My Accounts" / "Modify User Endpoint Account"
Search operators were not implemented properly.
MEDIUM
533096
DE243092
Cannot import Email and Workflow settings.
Xml updates for email and workflow section was considered as new settings instead of modification therefore previous Cached values are again loaded into DB after their removal
MEDIUM
745361
DE300241
Unable to view audited tasks in View Submitted Tasks screen.
User details are not updated in the tasksession object for the Audited task.
MEDIUM
712074
DE290627
IP slowness - It takes ~30s to open the Access task and some other tasks
Enhancement to improve TEWS response times
MEDIUM
691738
DE291620
Cannot remove SAP Account parameter
Unable to remove the SAP parameter values from SAP account from CA Identity Manager and Provisioning Manager. SAP parameter is a multi-valued compound attribute. SAP parameter has three fields (Parameter name, value, and short text). On removing the values, CA Identity Manager sends only the first two fields (Parameter name, value) to the SAP Connector and Connector tries to match with three fields which were already retrieved from Endpoint and hence the mismatch.
MEDIUM
749722
DE296844
SCIM Connector fails with null attribute values.
SCIM endpoint can return null values in some of the attributes as part of response but SCIM connector does not handle this case. The result is that a null pointer exception in.SCIM connector adds the attribute value without checking the null.
MEDIUM
Internal
DE313604
Unable to view the ServiceNow account properties in CA Identity Manager.
Unable to view the ServiceNow account properties, because of the following error:
"User account read failed" Connector Server read failed: error code 53
MEDIUM
784220
DE305098
The lastLoginDTS attribute value is not captured in the Captured Snapshot event.
The lastLoginDTS attribute is missing in the connector mapping XML file.
MEDIUM
797575
DE307033
When viewing user attributes, few user attribute values which are non-English are shown incorrectly in CA Identity Manager for dynamic SCIM connector. 
While viewing the user account properties, the UTF-8 conversion is not supported for dynamic SCIM connector.
MEDIUM
792062
DE306095
When a snapshot of the User Profile runs, the questions and answers for the forgotten password are visible in the clear text even though they are encrypted in the user store.
The Password Hint attribute values are not encrypted while exporting the data to the report database.
LOW
746030
DE293643
Stored XSS Vulnerability through File Upload under System > Select Box Data > Import Select Box Data
Escaping mechanism for special character like <, >, &, was not used for the input fields like name and description in the Import Select Box Data page.
LOW
745231
DE294526
Attributes with an empty value in a command are ignored.
The search against user attributes for the NEQ operator retrieves only those users who have an attribute value.
LOW
688086
DE284692
Email Policy Adding Non Declared Recipients
Even if the approver is not declared in the email policy rule, an email is being sent to the approver through the workflow email policy rule.
LOW
746295
DE296192
Option Selector and Option Selector Combo fields do not support Screen LAH in Service Requests
Certain widgets such as the option selector was not able to translate multiple values correctly.
LOW
662688
DE273641
Application fault occurs when Provisioning Server is shutdown from service.
Invalid pointer. SSL context was freed.
LOW
738699
DE294190
When trying to search RACF user permission class through Provisioning Manager, im_ps.exe crashes.
The condition to check the reported index on the array was wrong.
LOW