Axiad Conductor for Airgap Deployment 4.20 / 2.15 Pre-release Notes
- 25 Mar 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Axiad Conductor for Airgap Deployment 4.20 / 2.15 Pre-release Notes
- Updated on 25 Mar 2025
- 1 Minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Planned Release Date: March 2025
IMPORTANT INFORMATION ABOUT THESE PRE-RELEASE NOTES
These are pre-release notes and are subject to change
We will update this article as needed as we finalize the release
These notes are for the following Axiad Conductor for Airgap Deployment product versions:
UCMS 4.20
Unified Portal 2.15
If you have any questions about these features or want to request a more in-depth discussion about the best way to leverage them, then reach out to us at productmanagement@axiad.com.
IMPORTANT
In this Axiad Conductor release, and moving forward, Java 17 is required, and Java 11 is no longer supported. Prior to upgrading Axiad, please ensure that you’re using Java 17 and JAVA_HOME is set to reflect the new version.
Database Schema
4.20 - Requires upgrade
UCMS
Features
Ref ID | Description |
|---|---|
PM-1380 | Axiad Operators can configure an HTML template to use for all outgoing email notifications See the updated settings here |
PM-10467 | Added support for SafeNet eToken Fusion 5300 |
PM-10193 | Added support for Gemalto IDPrime MD 930 cards with custom manufacturer key |
Enhancements
Ref ID | Description |
|---|---|
PM-10065 | Upgrade to Java 17 and Spring Boot 3 See the note above about the Java upgrade |
PM-9178 | Add SHA256 digest in header to all RPMs |
PM-10337 | Update logging to show ERROR message instead of WARN when the connection to the HSM Client becomes stale |
PM-7653 | New option allows a user to replace a device without reissuing certificates that are both escrowed and still valid |
Security Fixes
Ref ID | Description |
|---|---|
PM-11246 | Addressed vulnerabilities: CVE-2024-38819, CVE-2024-38820 |
PM-9936 | Addressed vulnerabilities: CVE-2024-38809, CVE-2024-38808 |
PM-9347 | Addressed vulnerabilities: CVE-2024-38816 |
PM-13182 | Addressed vulnerabilities: CVE-2024-38828 |
PM-10194 | Addressed vulnerabilities: CVE-2024-38821 |
PM-13236 PM-13246 | Addressed vulnreabilities: CVE-2025-24813 |
Known Issues
Ref ID | Description | Workaround |
|---|---|---|
— | (For PM-7653) In workflow transitions, UCMS pulls the existing encryption certificate, even if it is about to expire, forcing users to come back to update their device again, despite having recently updated them | Planned update in future release; user must update device again |
Unified Portal (UP)
Enhancements
Ref ID | Description |
|---|---|
PM-10065 | Upgrade to Java 17 and Spring Boot 3 See the note above about the Java upgrade |
PM-2788 | When an Operator attempts to revoke a user’s device or credential, they are prompted to confirm the action before it is revoked. New UI:
|
PM-9360 | Expanded and clarified the language presented to users when creating a PIN Before:
After:
|
PM-10171 | Operators can include custom links in end-of-lifecycle operation messages |
Known Issues
Ref ID | Description | Workaround |
|---|---|---|
PM-13076 | Revoke confirmation message (PM-2788) does not display for imported service type credentials. | Planned update in future release |
Was this article helpful?
