Dollar Universe and Curl Vulnerability (CVE-2023-38545 & CVE-2023-38546)
search cancel

Dollar Universe and Curl Vulnerability (CVE-2023-38545 & CVE-2023-38546)

book

Article ID: 274949

calendar_today

Updated On:

Products

CA Automic Dollar Universe

Issue/Introduction

A high severity vulnerability was found in the curl library. 

Is Dollar Universe and its sub-components(ex. UVMS, Reporter, Explorer and Managers) affected?

Environment

Release: 6.x, 7.x

Cause

https://curl.se/docs/CVE-2023-38545.html

Resolution

Dollar Universe uses libcurl but it is not using SOCKS5 proxy for connecting to remote hosts. While the version used is vulnerable, they are not exploitable since SOCKS5 proxy is not enabled.