Can Endpoint Protection Manager's Apache version be upgraded independently?
Article ID: 229918
Updated On:
Products
Endpoint Protection
Issue/Introduction
The Apache server within the Endpoint Protection Manager may contain vulnerabilities on older versions. You want to know if it is supported to upgrade the version of Apache independently (Meaning not through an upgrade to a newer SEPM version) to a non-vulnerable version.
Environment
SEPM Server
Cause
Because Apache is a fundamental piece of the SEPM's architecture, each release has been tested and designed to work specifically with the version of Apache that was released with it. As this is the case, upgrading the version of Apache independently could have unintended effect on the SEPM's operation and it is not supported.
Resolution
To check your version of Apache, you can follow these steps to confirm if your version is vulnerable or use a vulnerability scanning program.
Next, you may want to check our knowledge base documentation for the specific vulnerability. The SEPM may use that version, but not be directly vulnerable:
Example: CVE-2021-44790 and CVE-2021-44224 may be detected by vulnerability scanners, but the SEPM is not vulnerable to their exploitation.
If your version is vulnerable, the only supported solution is to upgrade your management server to a version that is no longer vulnerable, or the latest version for the most up-to-date version of Apache currently supported.
Additional Information
Feedback
Yes
No
Powered by
