Several NuGenesis SDMS services are created with an unquoted image path - WKB194747
Article number: 194747
SYMPTOMS
- Several services in NuGenesis SDMS are created with an unquoted image path by default and run with elevated privileges, which is a security risk
ENVIRONMENT
- NuGenesis 9 SDMS
- NuGenesis 8 SDMS
- The following NuGenesis services:
- NuGenesis RPC
- NuGenesis VISION Server
- NuGenesis OSM Service
- NuGenesis Legal Hold Service
- NuGenesis Data Retention Service
- NuGenesis SDMS Login
- NuGenesis Print Scanner
CAUSE
The SDMS software installers create the services with unquoted image paths by default.
FIX or WORKAROUND
- In NuGenesis SDMS 9.0 and earlier versions, the NuGenesis RPC service CANNOT run when the image path is quoted. Defect report CRI-3 was filed for that issue, and starting in NuGenesis 9.1, this service works with a quoted image path, and the image path uses double-quotes by default.
- For all other NuGenesis services listed above, manually edit the registry key appropriate for the service:
-
NuGenesis VISION Server HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis VISION Server\ImagePath NuGenesis OSM Service HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis OSM Service\ImagePath NuGenesis Legal Hold Service HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis Legal Hold Service\ImagePath NuGenesis Data Retention Service HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis Data Retention Service\ImagePath NuGenesis SDMS Login HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis SDMS Login\ImagePath NuGensis Print Scanner (UNIFYps)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NuGenesis Print Scanner\ImagePath
-
- Add double quotes around the path
- Restart the NuGenesis server
ADDITIONAL INFORMATION
Two defect reports have been filed for these issues:
- CRI-3104, for the NuGenesis VISION service
- CRI-3656, for all other NuGenesis services
id194747, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG