
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Windows SMB Denial of Service Vulnerability
Our Administrator team has Discovered the use of Microsoft Server Message Block 1.0 (SMBv1) protocol on the server which is against security baseline and is deem as non-compliance and poses a high risk of vulnerability. The vulnerability can allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability".
Their recommendation is to disable the protocol on the server to remediate the issue.
Can anyone please help me to know more details about the impact this vulnerability can cause to QlikView systems and what actions should be taken.
Accepted Solutions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Balledaa ,
In QlikSense SMB3 is tested and can be used as it is mentioned Persistence ‒ Qlik Sense for administrators.
SMB1 is a quite old protocol, do you have a test machine were your file server admin can disable SM, so you could check is not impacting your QlikView environment.
As per the information on CVE-2017-0280 - Security Update Guide - Microsoft - Windows SMB Denial of Service Vulnerability seems the topic is more related to the server itself and Microsoft itself delivered a fix back in 2017 May 9, 2017—KB4019472 (OS Build 14393.1198) (microsoft.com) so as long as your OS is updated should be fine.
I hope this helps.
Cheers,
Albert

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Maria,
We are using the above two products.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Balledaa ,
In QlikSense SMB3 is tested and can be used as it is mentioned Persistence ‒ Qlik Sense for administrators.
SMB1 is a quite old protocol, do you have a test machine were your file server admin can disable SM, so you could check is not impacting your QlikView environment.
As per the information on CVE-2017-0280 - Security Update Guide - Microsoft - Windows SMB Denial of Service Vulnerability seems the topic is more related to the server itself and Microsoft itself delivered a fix back in 2017 May 9, 2017—KB4019472 (OS Build 14393.1198) (microsoft.com) so as long as your OS is updated should be fine.
I hope this helps.
Cheers,
Albert
