EDR Server: Is CVE-2023-38545 a concern for Carbon Black EDR Server?
Carbon Black EDR server: All versions
RHEL OS: 9.x
What is Carbon Black's position on the reported existence of CVE-2023-38545 on EDR server machines?
This RHEL article states only RHEL 9 is affected. EDR server 7.x does not yet support RHEL 9 (as of November, 2023). Also the "curl" package referenced is not part of the EDR software package and should be addressed/fixed/patched by the OS or owning vender that installed/maintains it.