Description:
ST-33 Identifies a situation in the RAM6xxx product line where elevated privilege is assigned to all WebUI
users, giving access to several features for users that should not have access to those privileged features.
Specifically, all users have access to the Firmware Update, Job Control, and Package Installation pages. To
mitigate this issue, low-privilege user access is being removed from the WebUI. After applying this patch,
only the privileged admin user will be allowed to log into the RAM6xxx via the WebUI.
Installation Instructions:
1. Log into the RAM6xxx as admin using the WebUI as the admin user.
2. Upload the RAM_ST-33_patch.zip file to the Package Installation screen.
The package can be downloaded from: RAM_ST-33patch.zip
3) The patch will automatically be applied after the upload is complete.
4) Reboot the RAM6xxx.
Note: Any users logged into the WebUI as users other than admin will be logged out of their session,
and they will no longer be able to log back into those user accounts.
Due to the threat posed by a successful attack, Red Lion strongly recommends that customers
apply security patches as soon as possible.