Is Qlik Replicate affected by CVE-2023-50164 (Apache Struts2 Remote Code Execution vulnerability)
Hi,
We would just like to know whether Qlik Replicate (or any other Qlik product) is affected in any way by the recent CVE-2023-50164 vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2023-50164)
If the most recent releases of Replicate are not affected, is there any chance older versions of Replicate may be affected?
I could not find mention of this specific CVE, but a search on "Struts" found a case from 5 months ago where we determined that none of the Data Integration products, including Qlik Replicate, use Apache Struts. If you would like an investigation into this specific CVE, please open a support case as we have no method to elevate issues to our internal support team in the Qlik Community forum.
I could not find mention of this specific CVE, but a search on "Struts" found a case from 5 months ago where we determined that none of the Data Integration products, including Qlik Replicate, use Apache Struts. If you would like an investigation into this specific CVE, please open a support case as we have no method to elevate issues to our internal support team in the Qlik Community forum.
In terms of software vulnerabilities, keeping your systems up to date with the latest releases and security patches is crucial to mitigate potential risks. Older versions of Replicate may indeed have vulnerabilities, so it's generally a good practice to upgrade to the latest versions for enhanced security.If you're concerned about cybersecurity and compliance, you might want to explore resources about CMMC Level 2. It can provide valuable insights into ensuring the security of your systems.I hope this information helps, and you can find the answers you need regarding the CVE vulnerability and your Qlik products.
