PIM 6.1.4 – Release notes
The new release of PhenixID Identity Manager (PIM) improves the stability, compatibility and security of your solution, and is recommended for all installations.
Manual steps needed for upgrading on windows
In this release we upgraded the tomcat to mitigate vulnerabilities which also require additional java options to be set. The windows service needs to be stopped and deleted before the upgrade and then manually added with a script. This is not needed to be done for fresh installations of PIM.
Deleting the service can be done by running the following in powershell(from the PIM installation root):
.\server\bin\tomcat9.exe //DS//phenixidim
Installing the service can be done by running the following in powershell(from the PIM installation root):
.\server\bin\service.bat
Bugfixes
PIM-1542 Issue logging in for users with one role
An issue introduced in PIM 6.1.3 caused users with one role to not be able to log in. Issue resolved
PIM-1553 Intermittent issue loading tabs
Intermittently not all tabs did load for forms. Issue resolved
PIM-1551 Double login audit log when using SAML
A login through SAML would be audit logged twice. Issue resolved
Improvements
PIM-1530 and PIM-1568 Improve MULTIDB support for MultiListStringControl and MultiListControl
Improved MULTIDB support increasing the range of number of MULTIDBs supported from 1-9 to 1-999. Issue resolved
Vulnerability mitigation
PIM-1560 Upgrade tomcat
Upgraded tomcat from version 9.0.87 to 9.0.100 to mitigate vulnerabilities. Issue resolved
- CVE-2024-38286
- CVE-2025-24813
Other vulnerabilities mitigated
- CVE-2024-39338
- CVE-2022-23437
- CVE-2022-26336
- CVE-2022-34169
- CVE-2023-22006
- CVE-2024-21012
- CVE-2024-21068
- CVE-2024-21140
- CVE-2024-28168
- CVE-2024-39338
- CVE-2025-21502