Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

June 16, 2023 Jeff Lotan

Issue:

You need to know if there is a Reprise License Manager Update to Mitigate the “HTTP Header Injection Vulnerability”

Solution:

IMAGINiT and Reprise have updated their respective files to Mitigate the vulnerability.

It is recommended that your network server admin follow these steps to manually replace the files:

1. Go into Services.msc and stop the “IMAGINiT Reprise License Manager” service.

2. Navigate to the \IMAGINiT Technologies\Reprise License Manager folder and rename the RLM.exe and the rlmutil.exe files.

If you are using the newer version the files will be found in:  

C:\Program Files\IMAGINiT Technologies\Reprise License Manager

If you are on the older version the files will be in: 

C:\Program Files(x86)\IMAGINiT Technologies\Reprise License Manager

I renamed them to rlm_exe.original and rlmutil_exe.origina just before I pasted in the new ones.

3. For the IMAGINiT Reprise License Manager fixes, download the updates from here:  https://www.dropbox.com/s/yrps4lpy32hkekk/RepriseLM_Update_x64_w4_v15.1.zip?dl=0

4. Once downloaded check the box to “Unblock”, click Apply and Ok.

5. Extract the files.

6. Copy/paste these files over to the license manager folder where you renamed the original files.

7. Start the service.

When you bring up the web interface you will need to enter your user name and password.  Check the administrator’s manual for the default.

To learn more about the vulnerability see this:

https://portswigger.net/web-security/host-header/exploiting

Created by Jeff Lotan - IMAGINiT Technologies Technical Support

About the Author

Jeff Lotan

Sr. Technical Support Specialist - Licensing<br><br>I am charged with mentoring and training team members in the proper use our systems and tools, documenting NSC processes, and providing feedback and ideas to the management team towards improving the customer experience. I am also a major contributor to our technical support blog and internal knowledge base.

Follow on Linkedin More Content by Jeff Lotan
Previous Article
Troubleshooting Revit File Corruption
Troubleshooting Revit File Corruption

There are various reasons for Revit file corruption, and it is often difficult to pinpoint the exact root c...

Next Article
Creating an Autodesk Custom Install for Network licensing
Creating an Autodesk Custom Install for Network licensing

I need to create an Autodesk Custom Install for network licensing and have the software installed from the ...

Need tech support? Let us help!

Learn More