Dear partners,
We have fixed All-in-one installer for ESMC. The problem was only in Apache Tomcat, which can be vulnerable in specific cases (CVE-2020-1938). We upgraded the All-on-one installer (ZIP and ISO), and now it contains a new version that is not vulnerable. There are several ways how customers can patch the vulnerability in the current deployments. These ways are described in the following KB: https://techcenter.eset.nl/news/posts/cve-2020-1938-apache-tomcat-ajp-request-injection-and-potential-remote-code-execution
Product: ESET Security Management Center
Service version (Build Information): Version: 7.1.27.1 (only All-in-one installer)
Release Stage: Hotfix Release
Languages: All
Installers: https://www.eset.com/int/business/security-management-center/download/
Add a comment
Please log in or register to submit a comment.