Dear Valued Customer,
a vulnerability was identified within the LightTPD component version 1.4.49 of the OpenLM Server on version 5.6 and below. You can find more details about the vulnerability on the Tenable portal:
The immediate resolution to this vulnerability is to upgrade to OpenLM Server version 21, which is built on a different platform (Kestrel), does not contain the above mentioned issue, and overall improves the security of OpenLM products. You can find more details about the upgrade on OpenLM Website:
The alternative to the above for OpenLM version 5.6 and below is to utilize the option of using Microsoft’s IIS instead of the LightTPD built-in within OpenLM Server. You can find more details about using OpenLM with IIS on OpenLM Website:
The OpenLM Team takes security very seriously. In case you have any further questions, please kindly approach our Support department at firstname.lastname@example.org.
VP Support & Services