Environment
- Carbon Black EDR server: All versions
- RHEL OS: 9.x
Question
What is Carbon Black's position on the reported existence of CVE-2023-38545 on EDR server machines?
Answer
This
RHEL article states only RHEL 9 is affected. EDR server 7.x does not yet support RHEL 9 (as of November, 2023).
Also the "curl" package referenced is not part of the EDR software package and should be addressed/fixed/patched by the OS or owning vender that installed/maintains it.
Related Content