Release Notes for AM/AMM 2.17.3

The “MinMemory” setting will not accept a value lower than 12 (GB). The Master Configuration script will validate the configuration but create error messages for known VMware issues and a warning if it detects the system RAM is 1G less than the value of “MinMemory”.

When creating a new zone and concurrently deleting the selected “Owner group” in a different tab, the zone can be still saved with the deleted group. The “Owner group” value in the zone list is blank.

When creating a new user/gateway and concurrently deleting the “Customer group”/“Group” in a different tab, the user/gateway can be still saved with the deleted group. The “Owner group”/“Group” value in the list is blank for that user/gateway.

Allow the router HFSN to have serial number where the value is 0000.

AM/AMM 2.17.3 will detect for clear text firewall rules on the AM/AMM upgrade and provide user messaging that directs users to make configuration changes to increase their end-to-end system security.

Notify users that the ’.vm’ suffix is added to KML report output file.

Restrict access to debug.vm to limit access to sensitive information.

Duplicate entries are being observed for oMG-Generic software packages on the AMM Software Repository page.

When checking Total Reach tab, some gateways update “Latest Connection Time” on all previously still connected devices whenever a new one connects. This leads to all devices connected to a gateway to have the same “Latest Connection Time”.

Increased the max client number of vsftp from 20 to 100.

For FTP log file upload: AMM gives an incorrect IP addresses to gateways without a management tunnel.

The Statistics Graph report is not displayed properly when clicking on hyperlinks from the Dashboard page.

To improve security of the solution, AM/AMM 2.17.3 blocks port 8082 (MSCI in clear text) by default.

Block port 1501 (dels) by default.

Groups in the node tree do not collapse after filtering gateways by group name.

System changes to improve CIS compliance.

Tomcat runs out of memory while loading generated reports during scalability testing.

Improvements that ensure that the AM/AMM goes through its proper shutdown procedure prior to reboot or power off to ensure that everything is left in a stable and consistent state.

Repeated warning message are displayed on HA configuration.

The ‘Configuration Audit’ report is removed in AM/AMM 2.17.3.

Addressed a logic error in High Availability detection of MySQL replication problems.

When a template was deployed to an MG90 gateway and it failed with a config sync error, the corresponding operation remained stuck in the “In progress” state instead of failing.

Upgraded MySQL to version 5.6.51 to address a number of identified security vulnerabilities.

Addressed an issue that if a template was generated from a device that only had time period/geographical region policies enabled on one of its WAN devices, then the template validation process will fail when deploying the template to a gateway.

Addressed an issue where the AM/AMM template deployment does not validate certain YAML files if they have keys deleted.

AM/AMM API improvement to make the number of concurrent requests limit configurable.

Addressed an issue with API monitoring where API requests with no client ID and/or user are captured in usage logs, but not displayed on AMM WebUI.

After installing an AM/AMM update, the High Availability feature is generating numerous security warnings that are not accurate.

This enhancement adds a status bar in the template editing page to display some summary information (fields that are changed) of the template, to make it easier to understand the content of the template.

Removed support for weak cipher in AM/AMM.

Improvements to the OpenVPN setup that allows for customer deployments that support both old and new routers and gateways.

Improved the security of AM/AMM by upgrading hash function for both new and existing users password using KDF.

Upgraded jQuery to address known security vulnerabilities.

Improved the security of AM/AMM by removing services running as root.

Addressed an issue that allowed for Cross Site Request Forgery vulnerability in user creation with the POST method.

• CVE-2022-25762
• CVE-2022-25315
• CVE-2022-25236
• CVE-2022-25235
• CVE-2022-23852
• CVE-2022-23219
• CVE-2022-23218
• CVE-2022-22824
• CVE-2022-22823
• CVE-2022-22822
• CVE-2022-22720

• CVE-2022-1154
• CVE-2022-0547
• CVE-2022-0318
• CVE-2021-44790
• CVE-2021-40438
• CVE-2021-39275
• CVE-2021-35942
• CVE-2020-11984
• CVE-2021-3773
• CVE-2020-1938
• CVE-2019-20330

• CVE-2019-18218
• CVE-2019-16746
• CVE-2019-11068
• CVE-2019-10082
• CVE-2019-9948
• CVE-2019-9169
• CVE-2019-8457
• CVE-2019-5953
• CVE-2019-5482
• CVE-2019-5481

There is a known issue in how the AM/AMM calculates the amount of memory required for CSV AssetTemperature Stats Graph report.

At the top of the Dashboard view when a single device or several devices are selected, there is a section at the top of the right pane that describes how many devices are in the group or details on the gateway (depending on if group or gateway is selected). The group path elements are hyperlinks. Clicking on a group in the shown path should select the group on the left pane while refreshing the right pane with its gateways. However, nothing happens when those hyperlinks are clicked.

Special character (backslash) in a Zone name prevented Zone Maps from being displayed. Customers should avoid creating Zone names with backslashes in them.

There is conflicting validation/help text with the template for the QoS Rule “Destination Address” field.

There are directories found in /home/inmotion/ftp/MHS_logs/ with GNX device connected that should not be present.

Some gateways do not show up on the Dashboard in AM/AMM due to the UI pagination. Customers can change the default page size to address this issue.

Main Battery (“Mainbattery”) “link” on the Dashboard links to a Stats Graph report for this stat. Editing this stat causes the data to disappear.

The Bandwidth Consumption erroneously reports high data usage during Daylight Savings.

When the Stats Graph report is generated for stats whose values depend on the user’s measurement units setting (e.g. Imperial or Metric), the actual displayed units may not agree with those displayed in the graph’s title, which makes the report confusing.