Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84241members
353342posts

SACK vulnerability

EcoStruxure IT forum

A support forum for Data Center Operation, Data Center Expert, and EcoStruxure IT product users to share knowledge on installation, configuration, and general product use.

DCIM_Support
Picard
Picard
0 Likes
2
193

SACK vulnerability

This question was originally posted on DCIM Support by Greg Ketell on 2019-06-21


What versions of Struxureware server are not vulnerable to CVE-2019-11477 through -11479 ?

(CID:145850841)

2 Replies 2
DCIM_Support
Picard
Picard
0 Likes
0
193

Re: SACK vulnerability

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-06-21


Hi Greg,

I've found no reference to this vulnerability in DCE 7.7. I don't have information on all versions but we always suggest updating to the most recent. Most of the information on vulnerabilities on 7.7 can be found here:

https://sxwhelpcenter.ecostruxureit.com/display/public/UADCE725/Software+Vulnerability+Scan%28s%29+S...

Additionally, checking on sites such as this:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477

It seems to be Linux and FreeBSD. I don't see any reference to CentOS.. I may have missed something but 7.7 is running CentOS release 6.10.

I will run this by our engineering teams to see if I can find something more definitive. 

 

Steve

 

(CID:145850866)

DCIM_Support
Picard
Picard
0 Likes
0
193

🔒 Closed

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.