TIBCO Slingshot: Update System Configuration "Cached Password"

TIBCO Slingshot: Update System Configuration "Cached Password"

book

Article ID: KB0073595

calendar_today

Updated On:

Products Versions
TIBCO Slingshot All

Description

When using the default System Configuration two possible issues can occur:
1.  The default System Configuration could allow a user to become authenticated and execute some Slingshot service functions. The functionality of this level of privilege is limited
2.  The default System Configuration may be vulnerable to a deserialization vulnerability

Environment

All supported environments

Resolution

On any Command Center or Slingshot Server with the admin service enabled, navigate to the System Configuration page.  On the Global Settings: Miscellaneous Settings, enter a password for the "Cached Password".  
The password entered is used only by internal MFT processes.  Make sure to enter a strong password.  Then press Update to save the changes.

Issue/Introduction

TIBCO Slingshot: Update System Configuration "Cached Password"