Is Messaging Gateway vulnerable to CVE-2024-23615

search cancel

Is Messaging Gateway vulnerable to CVE-2024-23615

book

Article ID: 279217

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

CVE-2024-23615 is a buffer overflow vulnerability in some older, unsupported versions of Messaging Gateway

Environment

Messaging Gateway 9.5 and earlier

Resolution

The vulnerable libraries do not exist in any currently supported Messaging Gateway release at the time of this writing.

All Messaging Gateway customers are encouraged to update to the latest release at their earliest convenience and any customer not running a supported release of Messaging Gateway (10.6.6 or earlier at the time of this writing) is strongly encouraged to update to a supported version of Messaging Gateway.

Additional Information

Mitre: CVE-2024-23615
Symantec Messaging Gateway libdec2lha.so Stack Buffer Overflow Remote Code Execution
Messaging Gateway software update best practices

Feedback

thumb_up Yes

thumb_down No