cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
abhilash
Level 3

Client side binaries impacted by CVEs

FlexNet Publisher (11.13.1.0) has a number of high severity CVEs (see list below) and we are moving to FlexNet Publisher (11.16.5) to mitigate the effect of these CVEs.

The open question is whether any client side flex libraries are impacted by the listed CVEs

https://nvd.nist.gov/vuln/detail/CVE-2015-8277
https://nvd.nist.gov/vuln/detail/CVE-2016-10395
https://nvd.nist.gov/vuln/detail/CVE-2018-20031
https://nvd.nist.gov/vuln/detail/CVE-2018-20032
https://nvd.nist.gov/vuln/detail/CVE-2018-20033
https://nvd.nist.gov/vuln/detail/CVE-2018-20034

0 Kudos
(1) Reply
aparashar1
Flexera Alumni

@abhilash , CVE-2016-10395 is related with FNLS (i.e. Flexnet Licensing Service). Apart from from that the other mentioned vulnerabilities are only server side (lmgrd/lmadmin and vendor daemon related) vulnerabilities.

(If my response assists with your questions , then please click "ACCEPT AS SOLUTION" or 'Kudos' so that it help others.)
0 Kudos