PIM 6.1.4 – Release notes

The new release of PhenixID Identity Manager (PIM) improves the stability, compatibility and security of your solution, and is recommended for all installations.

Manual steps needed for upgrading on windows

In this release we upgraded the tomcat to mitigate vulnerabilities which also require additional java options to be set. The windows service needs to be stopped and deleted before the upgrade and then manually added with a script. This is not needed to be done for fresh installations of PIM.

Deleting the service can be done by running the following in powershell(from the PIM installation root):

.\server\bin\tomcat9.exe //DS//phenixidim

Installing the service can be done by running the following in powershell(from the PIM installation root):

.\server\bin\service.bat

Bugfixes

PIM-1542 Issue logging in for users with one role

An issue introduced in PIM 6.1.3 caused users with one role to not be able to log in. Issue resolved

PIM-1553 Intermittent issue loading tabs

Intermittently not all tabs did load for forms. Issue resolved

PIM-1551 Double login audit log when using SAML

A login through SAML would be audit logged twice. Issue resolved

Improvements

PIM-1530 and PIM-1568 Improve MULTIDB support for MultiListStringControl and MultiListControl

Improved MULTIDB support increasing the range of number of MULTIDBs supported from 1-9 to 1-999. Issue resolved

Vulnerability mitigation

PIM-1560 Upgrade tomcat

Upgraded tomcat from version 9.0.87 to 9.0.100 to mitigate vulnerabilities. Issue resolved

  • CVE-2024-38286
  • CVE-2025-24813

Other vulnerabilities mitigated

  • CVE-2024-39338
  • CVE-2022-23437
  • CVE-2022-26336
  • CVE-2022-34169
  • CVE-2023-22006
  • CVE-2024-21012
  • CVE-2024-21068
  • CVE-2024-21140
  • CVE-2024-28168
  • CVE-2024-39338
  • CVE-2025-21502