- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Forum
- :
- Client side binaries impacted by CVEs
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Client side binaries impacted by CVEs
FlexNet Publisher (11.13.1.0) has a number of high severity CVEs (see list below) and we are moving to FlexNet Publisher (11.16.5) to mitigate the effect of these CVEs.
The open question is whether any client side flex libraries are impacted by the listed CVEs
https://nvd.nist.gov/vuln/detail/CVE-2015-8277
https://nvd.nist.gov/vuln/detail/CVE-2016-10395
https://nvd.nist.gov/vuln/detail/CVE-2018-20031
https://nvd.nist.gov/vuln/detail/CVE-2018-20032
https://nvd.nist.gov/vuln/detail/CVE-2018-20033
https://nvd.nist.gov/vuln/detail/CVE-2018-20034
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
@abhilash , CVE-2016-10395 is related with FNLS (i.e. Flexnet Licensing Service). Apart from from that the other mentioned vulnerabilities are only server side (lmgrd/lmadmin and vendor daemon related) vulnerabilities.