Our Network Engineer has just received a notice of a vulnerability in Flexnet Publisher to any version below 10.19.6. Is there a patch for this provided by ESRI?
Hi @JeffreyFrye.,
I assume the vulnerability has been found in License managers tooling?
If so, please check the CVE of the vulnerability against the list of known ones here: https://trust.arcgis.com/en/customer-documents/component-cve-responses
If you're unable to find it in this list - please log a new security concern using this form:
https://trust.arcgis.com/en/security-concern/
If not done so already, I imagine you will need to update to the latest version of the software in question!
Hope this helps,
A
assuming this is CVE-2024-2658 which came up around this time and not yet addressed in CVE responses. I submitted to that form.
Hi @JasonJessup,
I've found this article which has helped me recently with customers asking the same question. I'm hoping that License manager 2024.1 will include 11.19.6.0 or higher: