Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 
diagonjope
Partner - Creator II
Partner - Creator II

"Qlik Sense Exploited in Cactus Ransomware Campaign": Is this true? Does Qlik have any security updates to deal with this?

Greetings!

I just saw this article about a supposed ransomware security risk in QliK Sense and would like to receive instructions on what to do (if true):

https://www.arcticwolf.com/resources/blog/qlik-sense-exploited-in-cactus-ransomware-campaign/

Customers are asking us about it, but I can't find anything related to this issue in the community.  Please advise and referer to @diagonjope in your note, so that I can get a notification.

Cheers,

++José

Labels (2)
1 Solution

Accepted Solutions
Albert_Candelario

Hello all, @diagonjope  @daveatkins 

Thanks for posting here.

As it is also explained on https://www.arcticwolf.com/resources/blog/cve-2023-41265-cve-2023-41266-cve-2023-48365/ these vulnerabilities were already mentioned some time ago, we strongly recommend to stay on the mentioned patches or newest ones, as newest ones will have those fixes plus more fixes included as patches are cumulative as per the release notes.

Furthermore,  I strongly recommend you to subscribe to our Support Blog so next time you do not miss such communications and other relevant ones about Qlik products.

https://community.qlik.com/t5/Support-Updates/bg-p/qlik-support-updates-blog

https://community.qlik.com/t5/Support-Updates/Qlik-Sense-Enterprise-for-Windows-New-Security-Patches...

https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enter...

Cheers,

Albert

 

Please, remember to mark the thread as solved once getting the correct answer

View solution in original post

3 Replies
daveatkins
Partner - Creator III
Partner - Creator III

we patched our servers earlier this year; can someone from Qlik please link/list the appropriate patch levels here again?

Albert_Candelario

Hello all, @diagonjope  @daveatkins 

Thanks for posting here.

As it is also explained on https://www.arcticwolf.com/resources/blog/cve-2023-41265-cve-2023-41266-cve-2023-48365/ these vulnerabilities were already mentioned some time ago, we strongly recommend to stay on the mentioned patches or newest ones, as newest ones will have those fixes plus more fixes included as patches are cumulative as per the release notes.

Furthermore,  I strongly recommend you to subscribe to our Support Blog so next time you do not miss such communications and other relevant ones about Qlik products.

https://community.qlik.com/t5/Support-Updates/bg-p/qlik-support-updates-blog

https://community.qlik.com/t5/Support-Updates/Qlik-Sense-Enterprise-for-Windows-New-Security-Patches...

https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enter...

Cheers,

Albert

 

Please, remember to mark the thread as solved once getting the correct answer
diagonjope
Partner - Creator II
Partner - Creator II
Author

Thank you, @Albert_Candelario !