https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1927074#M30352 <P>Hello&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/144779">@Balledaa</a>&nbsp;,</P> <P>In QlikSense SMB3 is tested and can be used as it is mentioned&nbsp;<A href="https://help.qlik.com/en-US/sense-admin/February2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Deploy_QSEoW/Persistence.htm" target="_blank">Persistence ‒ Qlik Sense for administrators.</A></P> <P>SMB1 is a quite old protocol, do you have a test machine were your file server admin can disable SM, so you could check is not impacting your QlikView environment.</P> <P>As per the information on&nbsp;<A href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-0280#:~:text=A%20denial%20of%20service%20vulnerability%20exists%20in%20the,to%20stop%20responding%20until%20it%20is%20manually%20restarted." target="_blank">CVE-2017-0280 - Security Update Guide - Microsoft - Windows SMB Denial of Service Vulnerability</A>&nbsp;seems the topic is more related to the server itself and Microsoft itself delivered a fix back in 2017&nbsp;<A href="https://support.microsoft.com/en-gb/topic/may-9-2017-kb4019472-os-build-14393-1198-c102f1c8-bf63-31a8-fe68-d00cb31c6b4b" target="_blank">May 9, 2017—KB4019472 (OS Build 14393.1198) (microsoft.com)</A>&nbsp;so as long as your OS is updated should be fine.</P> <P>I hope this helps.</P> <P>Cheers,</P> <P>Albert</P> Thu, 05 May 2022 19:26:52 GMT Albert_Candelario 2022-05-05T19:26:52Z https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926624#M30349 <P>Our Administrator team has Discovered the use of Microsoft Server Message Block 1.0 (SMBv1) protocol on the server which is against security baseline and is deem as &nbsp;non-compliance and poses a high risk of vulnerability. The vulnerability can allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".</P> <P>Their recommendation is to disable the protocol on the server to remediate the issue.&nbsp;</P> <P>Can anyone please help me to know more details about the impact this vulnerability can cause to QlikView systems and what actions should be taken.</P> <P>&nbsp;</P> Wed, 29 Jan 2025 16:38:32 GMT https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926624#M30349 Balledaa 2025-01-29T16:38:32Z https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926625#M30350 <P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/144779">@Balledaa</a></P><P>&nbsp;</P><P>What product are you using? And what version.&nbsp;</P> Thu, 05 May 2022 07:00:36 GMT https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926625#M30350 Maria_Halley 2022-05-05T07:00:36Z https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926690#M30351 <P>Hello Maria,</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Balledaa_0-1651737835127.png" style="width: 999px;"><img src="https://community.qlik.com/t5/image/serverpage/image-id/78728i33BCDFDE2ED7827E/image-size/large?v=v2&amp;px=999" role="button" title="Balledaa_0-1651737835127.png" alt="Balledaa_0-1651737835127.png" /></span></P> <P>We are using the above two products.</P> Thu, 05 May 2022 08:04:59 GMT https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1926690#M30351 Balledaa 2022-05-05T08:04:59Z https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1927074#M30352 <P>Hello&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/144779">@Balledaa</a>&nbsp;,</P> <P>In QlikSense SMB3 is tested and can be used as it is mentioned&nbsp;<A href="https://help.qlik.com/en-US/sense-admin/February2021/Subsystems/DeployAdministerQSE/Content/Sense_DeployAdminister/QSEoW/Deploy_QSEoW/Persistence.htm" target="_blank">Persistence ‒ Qlik Sense for administrators.</A></P> <P>SMB1 is a quite old protocol, do you have a test machine were your file server admin can disable SM, so you could check is not impacting your QlikView environment.</P> <P>As per the information on&nbsp;<A href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-0280#:~:text=A%20denial%20of%20service%20vulnerability%20exists%20in%20the,to%20stop%20responding%20until%20it%20is%20manually%20restarted." target="_blank">CVE-2017-0280 - Security Update Guide - Microsoft - Windows SMB Denial of Service Vulnerability</A>&nbsp;seems the topic is more related to the server itself and Microsoft itself delivered a fix back in 2017&nbsp;<A href="https://support.microsoft.com/en-gb/topic/may-9-2017-kb4019472-os-build-14393-1198-c102f1c8-bf63-31a8-fe68-d00cb31c6b4b" target="_blank">May 9, 2017—KB4019472 (OS Build 14393.1198) (microsoft.com)</A>&nbsp;so as long as your OS is updated should be fine.</P> <P>I hope this helps.</P> <P>Cheers,</P> <P>Albert</P> Thu, 05 May 2022 19:26:52 GMT https://community.qlik.com/t5/Management-Governance/Windows-SMB-Denial-of-Service-Vulnerability/m-p/1927074#M30352 Albert_Candelario 2022-05-05T19:26:52Z