Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
NMC Support
Submit a support request for additional assistance with EcoStruxure IT software.
Select your language from the translate dropdown in the upper right.
Affected Revision Levels
| Component | File | Details |
| Smart-UPS Application | apc_hw21_su_2-5-3-3.nmc3 | UPS Application for Smart-UPS, Smart-UPS RT, Smart-UPS VT, MGE Galaxy 3500. |
| Symmetra Application | apc_hw21_sy_2-5-3-2.nmc3 | UPS Application for 1-Phase Symmetra, Symmetra LX. |
For details on upgrading the UPS Network Management Card 3 (NMC 3) firmware, see the NMC3 User Guide.
NOTE: If you upgrade to firmware version 2.0 or later, you cannot downgrade to a firmware version lower than 2.0.
New Features
| New Feature |
| There is no new feature in this release. |
Fixed Issues
|
Fixed Issue |
UPS Family |
|
|
Smart-UPS |
1-Phase Symmetra |
|
|
Downloading the Event Log via the Web UI works as expected when the language is set to Japanese. |
♦ |
♦ |
|
Security Update
|
||
|
The following security vulnerability has been addressed in this release: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor SSH Cipher Block Chaining (CBC) cipher has been removed. |
♦ |
♦ |
|
The following security vulnerabilities have been addressed in this release:
The user is now referenced as an index rather than their username, for example: NMC/KrtUvuh39YtQmHbyua297g/usercfg.htm?user=2 |
♦ |
♦ |
|
The following security vulnerability has been addressed in this release: CWE-863: Incorrect Authorization The Network-Only user can only perform actions in the Web UI relevant to the user access level. |
♦ |
♦ |
|
The following security vulnerability has been addressed in this release: CWE-20: Improper Input Validation Incoming BACnet packet sizes are now validated. |
♦ |
♦ |
|
The following security vulnerability has been addressed in this release: CWE-598: Use of GET Request Method With Sensitive Query Strings. This software uses the HTTP GET method to process a request and includes sensitive information in the query string of that request. Configuration of HSTS is now independent from HTTP or HTTPS configuration. When HSTS is enabled an STS header is added to all responses over HTTPS. |
♦ |
♦ |
Known Issues
| Known Issue |
| There is no known issue in this release. |
Hash Signatures
| Signatures | apc_hw21_su_2-5-3-3.exe |
| CRC32 | 1B525C68 |
| CRC64 | 1919EC007B13BC96 |
| SHA-256 | C641E5D549CB88F6CDF914A9BD79A3F450118FC9CE6ADA47EA35A5C96FFA77C1 |
| SHA-1 | BCF0BE585DD3E21AF7A3ADA8F7893B5A0B8F1198 |
| BLAKE2sp | 6DBF86236F9B6EE639B42A883F832182ADF9990D99801ECD5FA4B8D1E42F56FA |
| Signatures | apc_hw21_sy_2-5-3-2.exe |
| CRC32 | 04E90885 |
| CRC64 | 20EA59213CDCA39E |
| SHA-256 | 091163C905F29652AB41B4ABE12CA45402376B6CACD80E5911C9DDB2CC308134 |
| SHA-1 | FCFB7578356DFC98253BDDCBA2C483AF76DF8A43 |
| BLAKE2sp | 50CC9F255DE9DF12FB94C3AAD92661500CBB05FEB4A5DEF8BCDF1691529D4736 |
Didn't find what you are looking for? Ask our Experts
Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.