Critical Advisory: Update required to address vulnerabilities in the RPC protocol of iManage Work Server
04 September 2020
This notice ONLY applies to iManage Work on-premise customers running any version of iManage Work Server earlier than 10.3.1.366.
During an internal review, iManage AppSec found that the Work Server RPC protocol can be exploited in a way that allows authentication to be bypassed. For full details on the issue and the action required, see the iManage advisory.
Action is required: you will need to either update iManage Work Server to resolve this issue, or mitigate any potential impact before installing the update (mitigation is only a temporary measure until the Work Server is updated).
Mitigate Potential Impact
The information below is only intended to be used temporarily before upgrading the Work Server. Please keep in mind that the most secure path to resolve this issue is to update the iManage Work Server.
To mitigate any potential impact before you complete your Work Server upgrade, implement the following recommended procedures:
Disable RPC access to Work Server by blocking the designated RPC port. Blocking the Work Server RPC port blocks connections for classic Work client applications including DeskSite and FileSite.
Note: Work 10 applications use the iManage Universal API (REST API) and are not impacted if you block RPC access.
Disable the Work Anywhere access endpoint on Work Server by setting the Hosted DM Enabled registry setting to a value of N. For additional details regarding this setting, including registry key information, please refer to the Setting up Network Login: Configuration and Settings article.
Disabling this endpoint blocks remote client connections that require Work Anywhere to communicate with Work Server.
Implement IP whitelisting to limit access to your iManage Work environment based on trusted IP addresses or IP address ranges.
Due to the critical nature of this issue, if you require assistance to upgrade your Work Server environment or implement one or more of the temporary workarounds, please contact OIA support as soon as possible.
Update iManage Work Server
Update your iManage Work Server(s) using the following upgrade paths and in accordance with your organisation's normal process for managing high severity security vulnerabilities:
If you are running Work Server 10.2.2.256 or earlier, including 10.x, 9.x, and 8.x versions, install Work Server 10.2.2.259. This version is available along with supporting documents on the iManage Work Server 10.x release page.*
If you are running Work Server 10.3.0.287, install Work Server 10.3.1.336. This version is available along with supporting documents on the iManage Work Server 10.x release page.