Impact of CVE-2023-25690 Vulnerability on DLO

book

Article ID: 100055405

calendar_today

Updated On:

Description

Reference

Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.

More information on this vulnerability can be found at the National Vulnerability Database at the following link;
https://nvd.nist.gov/vuln/detail/CVE-2023-25690

Resolution

This vulnerability has been resolved in Apache HTTP Server 2.4.56 (released 7 March 2023) and that version is now available to be applied to DLO 9.8.2, using the 'VxUpdate - Component Upgrade' facility.

There are no plans to address this vulnerability in previous versions of DLO and customers are advised to upgrade to DLO 9.8.2 to resolve this vulnerability.

Issue/Introduction

Impact of CVE-2023-25690 Vulnerability on Veritas Desktop and Laptop Option (DLO) All public releases of Desktop and Laptop Option (up to and including DLO 9.8.2) are affected by this vulnerability.

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"