Community
Select to view content in your preferred language

Flexnet Vulnerability

993
3
04-08-2024 05:55 AM
JeffreyFrye
by
Occasional Contributor
‎04-08-2024 05:55 AM

Our Network Engineer has just received a notice of a vulnerability in Flexnet Publisher to any version below 10.19.6. Is there a patch for this provided by ESRI?

3 Replies
A_Wyn_Jones
by Esri Contributor
Esri Contributor
‎04-10-2024 01:10 AM

Hi @JeffreyFrye.,

I assume the vulnerability has been found in License managers tooling?

If so, please check the CVE of the vulnerability against the list of known ones here: https://trust.arcgis.com/en/customer-documents/component-cve-responses

If you're unable to find it in this list - please log a new security concern using this form:

https://trust.arcgis.com/en/security-concern/

If not done so already, I imagine you will need to update to the latest version of the software in question!

Hope this helps,

A

"We've boosted the Anti-Mass Spectrometer to 105 percent. Bit of a gamble, but we need the extra resolution."
JasonJessup
by
New Contributor
‎09-10-2024 10:38 AM

assuming this is CVE-2024-2658 which came up around this time and not yet addressed in CVE responses. I submitted to that form.

0 Kudos
A_Wyn_Jones
by Esri Contributor
Esri Contributor
‎09-19-2024 02:08 AM

Hi @JasonJessup,

I've found this article which has helped me recently with customers asking the same question. I'm hoping that License manager 2024.1 will include 11.19.6.0 or higher:

https://support.esri.com/en-us/knowledge-base/what-version-of-flexnet-publisher-is-used-in-arcgis-li...

"We've boosted the Anti-Mass Spectrometer to 105 percent. Bit of a gamble, but we need the extra resolution."