Mobile Device Management (MDM) Curl Vulnerability (CVE-2023-38545 & CVE-2023-38546)

search cancel

Mobile Device Management (MDM) Curl Vulnerability (CVE-2023-38545 & CVE-2023-38546)

book

Article ID: 274802

calendar_today

Updated On:

Products

CA Mobile Device Management CA Mobile Device Management

Issue/Introduction

A high severity vulnerability found in the curl library (libcurl) .MDM uses libcurl.

Release: 20.2(Currently in use)

Environment

Release: v20.2

Cause

https://curl.se/docs/CVE-2023-38545.html

Resolution

Based on the initial review we are using the curl tool to compile the MDM application and openssl library and zip tool is using the curl.

As a next step, we will investigate further if they need to be updated with the latest recommended version of curl tool and openssl and dependent tools.

Additional Information

This KB will be updated on a continuous basis as the situation evolves.

Feedback

thumb_up Yes

thumb_down No