VMAN 2023.4.1 release notes
Release date: November 9, 2023
Here's what's new in VMAN 2023.4.1. You can find the applicable system requirements here.
To view release notes, system requirements, and product guide PDFs for supported versions of VMAN, see VMAN previous versions. To view release notes for multiple versions
VMAN runs on the SolarWinds Platform (self-hosted). VMAN release notes include the updates from the SolarWinds Platform (self-hosted).
New features and improvements in VMAN
There were no features or improvements added for VMAN in this release.
Fixed CVEs
At SolarWinds, we prioritize the swift resolution of CVEs to ensure the security and integrity of our software. In this release, we have successfully addressed the following CVEs.
SolarWinds CVEs
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
| CVE-ID | Vulnerability Title | Description | Severity | Credit |
|---|---|---|---|---|
| CVE-2023-40054 | SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability | The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33226. | 8.0 High | SolarWinds Security Team |
| CVE-2023-40055 | SolarWinds Network Configuration Manager Directory Traversal Remote Code Execution Vulnerability | The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges. We found this issue was not resolved in CVE-2023-33227. | 8.0 High | E5 SolarWinds Security Team |
Third-party CVEs
| CVE-ID | Vulnerability title | Description | Severity |
|---|---|---|---|
| 2023-4863 | Google Chromium WebP Heap-Based Buffer Overflow Vulnerability | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. SolarWinds does not support the use of WebP images on our website, and is not affected by this Google Chromium WebP Heap-Based Buffer Overflow vulnerability. SolarWinds has updated this library out of an abundance of caution since the vulnerability is a serious one. |
High |
Fixed customer issues
| Case number | Description | Platform product |
|---|---|---|
| 01299411, 01304414, 01315417, 01332458, 01330987, 01338228, 01352449, 01359614, 01378959, 01381782, 01382808, 01387496, 01394937, 01396603, 01399944, 01416205, 01418575, 01422299, 01434448, 01435077, 01440517, 01441196, 01441537, 01450495, 01450619, 01455989, 01460296, 01460595, 01471576 | When you use Windows authentication to connect to the SolarWinds Platform database, the login no longer fails. This issue caused intermittent user logouts from the SolarWinds Web Console. |
Platform |
| 01455230 | If you change the border color of a node on an Intelligent Map and then reset it to the default color, the border color is automatically updated to reflect the status of the node. |
Platform |
Installation or upgrade
For new installations, you can download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see Get the installer.
For upgrades, go to Settings > My Deployment to initiate the upgrade. The SolarWinds Installer upgrades your entire deployment (all SolarWinds Platform products and any scalability engines).
For more information, see the SolarWinds Platform Product Installation and Upgrade Guide.
If you are on a version earlier than 2020.2.6, first upgrade to 2020.2.6 and then upgrade to the current version. Before upgrading, see Considerations for upgrading from the Orion Platform to the SolarWinds Platform.
Before you upgrade!
If you are upgrading from 2020.2.6 or earlier, please be aware of the following:
-
Make sure the database user you use to connect to your SQL Server has the db create privilege. Without this privilege, the upgrade will not complete.
-
The legacy syslog and traps functionality has been retired and replaced with new functionality called SolarWinds Log Viewer, which can be upgraded to Log Analyzer for additional capabilities. Current rules and history will automatically be migrated to the new logging functionality (SolarWinds Log Viewer or Log Analyzer). The functionality of SolarWinds Log Viewer and Log Analyzer has been improved to more closely match legacy functionality.
If you built syslog and trap alerts using custom SQL queries, they will not function after upgrading to 2022.3 or later. SolarWinds recommends you rewrite the alerts using SWQL (
Orion.OLM entities) or using the alerting functionality built into Log Viewer/Log Analyzer. -
Some upgrade situations from the Orion Platform to the SolarWinds Platform are not supported and the installer will stop the upgrade automatically.
- If you have a SQL Server older than 2016.
- If you have an Orion Platform product version 2020.2.1 or earlier.
End of life
| Version | EoL announcement | EoE effective date | EoL effective date |
|---|---|---|---|
| 2022.2 | November 1, 2023: End-of-Life (EoL) announcement – Customers on VMAN version 2022.2 or earlier should begin transitioning to the latest version of VMAN. | December 1, 2023: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2022.2 or earlier will no longer actively be supported by SolarWinds. | December 1, 2024: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2022.2. |
| 2020.2.6 | April 18, 2023: End-of-Life (EoL) announcement – Customers on VMAN version 2020.2.6 or earlier should begin transitioning to the latest version of VMAN. | May 18, 2023: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2020.2.6 or earlier will no longer actively be supported by SolarWinds. | May 18, 2024: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2020.2.6. |
| 2020.2.5 | January 18, 2023: End-of-Life (EoL) announcement – Customers on VMAN version 2020.2.5 or earlier should begin transitioning to the latest version of VMAN. | February 17, 2023: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2020.2.5 or earlier will no longer actively be supported by SolarWinds. | February 17, 2024: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2020.2.5. |
| 2020.2.4 | October 19, 2022: End-of-Life (EoL) announcement – Customers on VMAN version 2020.2.4 or earlier should begin transitioning to the latest version of VMAN. | November 18, 2022: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2020.2.4 or earlier will no longer actively be supported by SolarWinds. | November 18, 2023: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2020.2.4. |
| 2020.2.1 | October 19, 2022: End-of-Life (EoL) announcement – Customers on VMAN version 2020.2.1 or earlier should begin transitioning to the latest version of VMAN. | November 18, 2022: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2020.2.1 or earlier will no longer actively be supported by SolarWinds. | November 18, 2023: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2020.2.1. |
| 2020.2 | October 19, 2022: End-of-Life (EoL) announcement – Customers on VMAN version 2020.2 or earlier should begin transitioning to the latest version of VMAN. | November 18, 2022: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for VMAN version 2020.2 or earlier will no longer actively be supported by SolarWinds. | November 18, 2023: End-of-Life (EoL) – SolarWinds will no longer provide technical support for VMAN version 2020.2. |
See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier VMAN versions, see VMAN release history.
Deprecation notice
The following platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features.
Port 17778
SWIS REST Endpoint on port 17778 is deprecated as of 2023.1 and will be replaced with port 17774 in a future release. SolarWinds recommends that you start migrating SWIS REST Endpoint to port 17774.
If you are using DPAIM, make sure you are running DPA 2024.2 or later to switch to port 17774. Earlier DPA versions cannot send data to DPAIM on port 17774. See Specify the port DPA uses... for more information.
Starting with 2024.2, you can enable the port in Advanced Configuration by clearing the DisableSwisRestEndpointOnPort17778 option. See Enable/disable the SWIS endpoint port.
Network Atlas
Network Atlas is deprecated as of Orion Platform 2020.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature. SolarWinds recommends that you start using Intelligent Maps in the SolarWinds Platform Web Console to display maps of physical and logical relationships between entities monitored by the SolarWinds Platform products you have installed.
Starting with 2024.2, you can import Network Atlas maps to Intelligent Maps. See Import maps.
Legal notices
© 2023 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.