Environment

• Carbon Black Cloud:  All versions

Question

Answer

• Did Carbon Black write the code?
  • If yes, then Carbon Black probably created the CVE. 
    • Check UeX for Knowledge-Base article to determine if there is a patch or workaround. 
    • Determine the ETA for the fix.
• Did a third-party write the code?
  • Code is deployed with CBC: Check if a Knowledge-Base article exists or contact CB Support to be certain and determine if a workaround is needed. 
    • For example:  OSQuery is third-party software that is deployed with CBC.  
  • CBC uses local code:  Carbon Black may use local software which is the responsibility of the customer for patching and upgrading. 

Related Content

• Does Carbon Black Protect Against This "Named Threat?"
• Critical Vulnerabilities and Perspective