Ubisecure CustomerID 5.3.2 has been released.

Ubisecure CustomerID 5.3.2 has been released. This release contains several bug corrections requested by Customers. New correction in CustomerID 5.3.2 Change Log Observed bug in 5.3 This patch contains fixes for four minor, but immediately impactful, bugs dealing with Backend … Read More

Ubisecure CustomerID 5.3.1 has been released.

Ubisecure CustomerID 5.3.1 has been released. This release contains a security bug correction. New correction in CustomerID 5.3.1: We’ve detected bug in our CustomerID 5.3 release. The issue does not exist in previous releases of CustomerID and there were only … Read More

Ubisecure SSO 8.3.3 has been released.

Ubisecure SSO 8.3.3 has been released. This release contains new features and corrections. New features in SSO 8.3.3: • Support for HTML emails in OAuth SMTP-OTP Grant. You can set a new parameter in OAuth and our language files to … Read More

Ubisecure Identity Server 2018.1 has been released.

Ubisecure Identity Server 2018.1 has been released. This release is comprised of Ubisecure SSO 8.3.0 and CustomerID 5.3.0. New features in SSO 8.3: • Password Reset – A new web application for resetting a forgotten password. • Support for Swedish BankID … Read More

Ubisecure SSO 8.2.24 has been released.

Ubisecure SSO 8.2.24 has been released. This version contains several improvements and corrections for Finnish Mobile ID (Mobile Certificate / Mobiilivarmenne) Authentication Method. Please check Ubisecure SSO 8.2 release notes and change logs for more information (links below) https://developer.ubisecure.com/docs/display/IDS82/SSO+Release+Notes https://developer.ubisecure.com/docs/display/IDS82/SSO+Change+Log Please contact … Read More

Vulnerability Note VU#475445

Reference: Vulnerability Note VU#475445 https://www.kb.cert.org/vuls/id/475445 System/application: Ubisecure SAML SP for .NET Date/Time Resolved: March 1st, 2018 Status: Resolved Issue Accouncement: It was announced to the public that multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM … Read More

Ubisecure Identity Server 8.2 has been released.

Identity Server 8.2 has been released. This release is comprised of Ubisecure SSO 8.2.19 and CustomerID 5.2.12. New features in SSO 8.2: OpenID Connect authentication providers can now be used as authentication methods in SSO. OpenID Connect added support for enabling encryption … Read More

Ubisecure SSO is not affected by Tomcat vulnerability CVE-2017-12617.

CVE-2017-12617, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617, the vulnerability affects only if: Tomcat is configured in readonly=false mode. This requires a specific setting in conf/web.xml to be set, which Ubisecure SSO does not do. WebDAV servlet is used and is configured in readonly=false mode. Ubisecure … Read More

Ubisecure CustomerID 5.1.9 released.

Ubisecure CustomerID 5.1.9 released. Release includes new features, enhancements and corrections. New features: Possibility to pass password value to backend call in registration summary step. Password reset works for registered authentications without user having to have an SSN attribute. Java … Read More

Ubisecure CustomerID 4.6.2 released.

Ubisecure CustomerID 4.6.2 released. Release includes correction to role invitations. IAM-2375: Correction to role invitations Please refer to release notes for more information.