- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Forum
- :
- Vulnerabilities (critical, high, medium) detected in FNP 11.18.2.0
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Vulnerabilities (critical, high, medium) detected in FNP 11.18.2.0
We detected some vulnerabilities in FNP 11.18.2.0 and we want to know for each of them if the lmadmin is affected from that vulnerabilities and if yes, if there is any mitigation.
openssl v1.1.1k:
- CVE-2021-3711 (9.8 CVSS v3)
- CVE-2021-3712 (7.4 CVSS v3)
apache portable runtime (apr) v1.6.5:
- CVE-2021-35940 (7.1 CVSS v3)
apache httpd v2.4.48:
- CVE-2021-33193 (7.5 CVSS v3)
- CVE-2021-32785 (7.5 CVSS v3)
- CVE-2021-32786 (6.1 CVSS v3)
- CVE-2021-32792 (6.1 CVSS v3)
- CVE-2021-32791 (5.9 CVSS v3)
Thanks in advance!
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
- CVE-2021-3711 (9.8 CVSS v3)
- CVE-2021-3712 (7.4 CVSS v3)
- CVE-2021-35940 (7.1 CVSS v3) are fixed in 11.18.3
CVE-2021-32786, CVE-2021-32792, CVE-2021-32785, CVE-2021-32791 are NOT applicable because that affected functionality OpenID of apache httpd is NOT used by the lmadmin, according to our Engineering team.
- https://nvd.nist.gov/vuln/detail/CVE-2021-40438 (9.8 CVSS v3)
- https://nvd.nist.gov/vuln/detail/CVE-2021-34798 (7.5 CVSS v3)
- https://nvd.nist.gov/vuln/detail/CVE-2021-36160 (7.5 CVSS v3)
- CVE-2021-33193 (7.5 CVSS v3) are fixed in 11.18.3