Symantec Protection Engine is affected by CVE-2023-23958
search cancel

Symantec Protection Engine is affected by CVE-2023-23958

book

Article ID: 274069

calendar_today

Updated On: 10-11-2023

Products

Protection Engine for NAS Protection Engine for Cloud Services

Issue/Introduction

Symantec Protection Engine server does not properly validate the path format of a web console request.

Resolution

Upgrade to Symantec Protection Engine (SPE) 9.1.0 or greater.

Hotfixes available:

SPE 8.2.2:

  • Apply SPE_8.2.2_HF_05.zip (attached)

SPE 9.0.1:

  • Apply SPE_9.0.1_HF_01.zip (attached)

Steps to implement the hotfix:

  1. Stop the Symantec Protection Engine service
  2. Navigate to the Symantec Protection Engine installation location
  3. Backup/Rename the original servers.jar file
  4. Replace servers.jar with the servers.jar contained within the hotfix zip archive associated with the installed version of SPE
  5. Ensure that permissions and ownership are identical to the original servers.jar
  6. Start the Symantec Protection Engine service

Workaround/Mitigation:

  • Disable Web Console using below xmlmodifier command
    • xmlmodifier -s //configuration/Resources/System/EnableJavaUI/@value false configuration.xml

Additional Information

See: [Security Advisory]

Attachments

SPE_8.2.2_HF_05_1695404404364.zip get_app
SPE_9.0.1_HF_01_1695404392070.zip get_app
Powered by Wolken Software