Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
See what Drew Clarke has to say about the Qlik Talend Cloud launch! READ THE BLOG
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Akshay28
Contributor
Contributor
‎2023-10-30 11:49 AM

Qliksense Vulnerabilities

Hi,

There are some vulnerabilities identified by our client mentioned below.

  • Remote code execution where if an attacker found their way inside our environment (anywhere these servers are reachable) could run code or commands on these server.
  • Denial of Service where an attacker can cause the servers (or other infrastructure based on the above) to become unavailable
  • Authentication bypass (easy exploitation)

We are  using qliksense enterprise on windows Sept 2020 version currently. Can upgrading qliksense fix these vulnerabilities. Which version of qliksense enterprise can fix the above mentioned vulnerabilities.

Labels (1)
Labels
349 Views
0 Likes
1 Solution

Accepted Solutions
Vicky_Z
Support
Support
‎2023-10-31 12:45 AM

Sep 20 has been unsupported already. You will definitely need to upgrade for support maintenance. 

Qlik Sense Enterprise on Windows Product Lifecycle 

 

These vulnerabilities are unclear. We will need more details.   Once you upgrade, please collect the information requested in Qlik Security Vulnerability Policy  and submit a support ticket

View solution in original post

310 Views
0 Likes
1 Reply
Vicky_Z
Support
Support
‎2023-10-31 12:45 AM

Sep 20 has been unsupported already. You will definitely need to upgrade for support maintenance. 

Qlik Sense Enterprise on Windows Product Lifecycle 

 

These vulnerabilities are unclear. We will need more details.   Once you upgrade, please collect the information requested in Qlik Security Vulnerability Policy  and submit a support ticket

311 Views
0 Likes