Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
ALERT: The support homepage carousel is not displaying. We are working toward a resolution.

Domain User Enumeration

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Alan_Slaughter
Support
Support

Domain User Enumeration

Last Update:

Mar 11, 2022 4:26:17 AM

Updated By:

Alan_Slaughter

Created date:

Mar 11, 2022 4:26:17 AM

Windows NTLM authentication provider, the error response time for an invalid username was measurably different from that of a valid username. This could be used to allow somebody with access to the system to determine whether a given username was valid. The response times are now the same.

 

Environment

  • Qlik Sense Enterprise November 2021 and higher

 

Resolution

Resolved timing issue that could lead to user enumeration and Vulnerability CVE-2022-0564

Information provided on this defect is given as is at the time of documenting. For up to date information, please review the most recent Release Notes, or contact support at support.qlik.com with the ID QB-6867 for reference.

 

Fix Version:

Qlik Sense November 14.44.5

 

Cause

Product Defect ID: QB-6867, QB-8873

 

Related Content

Vulnerability CVE-2022-0564 

Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release 

622 Views
Was this article helpful? Yes No
Contributors
Version history
Last update:
‎2022-03-11 04:26 AM
Updated by:
Support