Released: Nov 27, 2025

Server and Console 2025.3.10.0 での更新項目

機能

Server

• Core - Added requirement for Entra ID secret expiration date during configuration to prevent unexpected login failures.
• Core - Improved Entra ID authentication by displaying warning banners and sending email alerts to administrators when secrets approach expiration.
• PAM - Added ability to create folders directly during PAM account import process.
• PAM - Improved PAM administrator access to automatically grant access to all PAM vaults without manual assignment.
• PAM - Reduced notification frequency for PAM health checks by sending alerts only once when accounts become out of sync.

Console

• Made minor updates.

不具合の修正

Server

• Security Fix: Core - Fixed SQL injection vulnerability in the last usage logs API endpoint.
• Security Fix: Core - Fixed security issue where sensitive credentials were exposed in API responses for certain connection types (SMB, HyperV, WebDav, and others).
• Security Fix: Core - Fixed security issue where SMTP configuration with passwords could be viewed through the API without administrator permissions.
• Core - Fixed database permission errors for scheduler service on notification group subscriber tables.
• Core - Fixed database permission errors for scheduler service when inserting telemetry events.
• Core - Fixed duplicate key violations that occurred during server startup when users had both administrator and vault owner roles.
• Core - Fixed erroneous mismatch log messages during SSO authentication from RDM.
• Core - Fixed issue where configured additional access URIs were no longer accessible.
• Core - Fixed login failures and server crashes when new users attempted to authenticate.
• Web - Fixed issue where PAM account approval requests in the messages UI would freeze the interface and require page refresh.