Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

June 16, 2023 Jeff Lotan

Issue:

You need to know if there is a Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

Solution:

IMAGINiT and Reprise have updated their respective files to Mitigate the vulnerability.

It is recommended that your network server admin follow these steps to manually replace the files:

1. Go into Services.msc and stop the “IMAGINiT Reprise License Manager” service.

2. Navigate to the \IMAGINiT Technologies\Reprise License Manager folder and rename the RLM.exe and the rlmutil.exe files.

If you are using the newer version the files will be found in:

C:\Program Files\IMAGINiT Technologies\Reprise License Manager

If you are on the older version the files will be in:

C:\Program Files(x86)\IMAGINiT Technologies\Reprise License Manager

I renamed them to rlm_exe.original and rlmutil_exe.origina just before I pasted in the new ones.

3. For the IMAGINiT Reprise License Manager fixes, download the updates from here: https://www.dropbox.com/s/yrps4lpy32hkekk/RepriseLM_Update_x64_w4_v15.1.zip?dl=0

4. Once downloaded check the box to “Unblock”, click Apply and Ok.

5. Extract the files.

6. Copy/paste these files over to the license manager folder where you renamed the original files.

7. Start the service.

When you bring up the web interface you will need to enter your user name and password. Check the administrator’s manual for the default.

To learn more about the vulnerability see this:

https://portswigger.net/web-security/host-header/exploiting

Created by Jeff Lotan - IMAGINiT Technologies Technical Support

About the Author

Sr. Technical Support Specialist - Licensing<br><br>I am charged with mentoring and training team members in the proper use our systems and tools, documenting NSC processes, and providing feedback and ideas to the management team towards improving the customer experience. I am also a major contributor to our technical support blog and internal knowledge base.
Follow on Linkedin More Content by Jeff Lotan

IMAGINiT Utilities Reprise Licensing issue was detected. License Error Code -37

The start date in the license hasn't occurred yet, e.g., today you try to check out a license containing st...

Welcome to our Hub

Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

About the Author

Previous Article

Next Article

Solutions Beyond Software™

Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

About the Author

Previous Article

Next Article

Related Content

Discover the newest Utilities for Vault features. Annual and multi-year Autodesk subscribers with IMAGINiT can now access the IMAGINiT Utilities for Vault Client for free.

If you are familiar with creating and using batch files, then you can activate / generate the Standalone IMAGINiT Utilities during installation using a batch file.

Autodesk ID login on the vault server utilities is not currently supported.

The license error dialog should show you where to find the license. You will need to scroll down a little bit in the dialog to find it.

This soap exception happens due to some back-end issues. Here's what you need to know and do.

When attempting to activate the IMAGINiT Utilities, you receive the following error. “Utilities licensing error was encountered: The remote server returned an unexpected response: (400) Bad Request”

The -6 wrong version is typically that the license is for a different version of the utilities than the license.

The IMAGINiT development team has implemented a new network license manager for the 2022 and newer Utilities.

The start date in the license hasn't occurred yet, e.g., today you try to check out a license containing start=1-mar-2030.

Here are the best practices steps to download and install the Utilities

Learn about all the NEW tools available in IMAGINiT Utilities for Vault that complement and enhance your project functionality, management, and design experience.

You’ve installed the Reprise License Manager (RLM), but there are no shortcut icons on the desktop to access the program.

When you run the diagnostic tool (see blog below) and find that it shows in the log file "Wrong Hostid" and it expected one setting but shows "we are" and another setting.

Attempting to use the IMAGINiT Utilities you receive an -18 error in the dialog.

Folder Sync doesn't appear to be working because it is not set to sync to the expected Vault Working folder.

You have the IMAGINiT Utilities (for Revit, Civil 3D or Vault Client) and the license has expired, and users cannot obtain a license.

In this session, our IMAGINiT Solutions Consultant, Anthony Dull explored the new tools and features available in the IMAGINiT Utilities for Vault Client and Vault Server 2022.1 Update that complement

Vault Server Backup Utility Email notification subject line is confusing if 'Full Backup' and 'Incremental Backup' are used. To avoid confusion, use the default Subject 'Vault Backup Report'.

You want to know how to fix the activation error "Wrong Version -6" error when trying to activate the IMAGINiT Utilities

Expand your use of Autodesk Vault with IMAGINiT Utilities for Vault Client 2021. See the new features in action in this on-demand session.

Solutions Beyond Software™