We use cookies to improve your experience on our site and enable certain core website functionalities. For more information, visit our Privacy Policy page.

Accept
  • Insights

iManage On-Prem Data Exfiltration Vulnerability

Brian Podolsky

< 1 min read

All Insights

Yesterday, iManage announced a new critical data exfiltration security vulnerability in their on-premises iManage Work Server builds.  All Work Server versions 9.4, 9.5, and 10.x versions are vulnerable. However, if you are not running 10.2.2.260 or later, iManage does strongly recommend upgrading to at least this build to resolve previous known vulnerabilities.

The following steps can be performed to remediate the vulnerability:

  1. Sign in as an administrator to the server running Work Server.
  2.  Download the allow_list_patch.zip file from the end of this advisory and extract the contents.
  3. Copy  _iman_allow.conf  the extracted archive into the appropriate directory based on your Work Server version.
  4. Restart Work Server to apply the new configuration.
  5. Repeat Steps 1–4 for each Work Server in your on-premises environment.

The allow_list_patch.zip file is available for download from the Advisory Bulletin on the iManage Help Center.

Please contact Kraft Kennedy if you need assistance..

 

Author

  • Tracy

    Passionate about efficiency, and meaningful, engaging experiences.
    Over the past decade overseeing the marketing and business development efforts at Kraft Kennedy, my focus has been digital transformation, implementing data-informed strategies that align cross-functional teams with a vision for growth.
    Leveraging expertise in business process improvement, technology adoption, and transition management, I help drive initiatives that enhance organizational performance. Harnessing technology to achieve more.
    My work focuses on understanding the changing needs of law firm professionals, and developing opportunities for knowledge exchange and delivery of actionable insights from technology experts.