Workload: Server 2016 still showing Vulnerability to CVE-2021-26855 after installing KB5000871
book
Article ID: 285070
calendar_today
Updated On:
Products
Carbon Black Cloud Workload
Issue/Introduction
- Devices show as vulnerable to Critical CVE-2021-26855
- Endpoint shows correct patch KB5000871 installed to remediate vulnerability
- Reassessing endpoint has no impact
Environment
- Carbon Black Cloud Workload: All Versions
- Carbon Black Cloud Sensor: 3.6.x.x and Higher
- Microsoft Exchange Server: 2013, 2016, and 2019
Cause
National Vulnerability Database (NVD) is not providing "fixed by" information for CVE-2021-26855
Resolution
Once NVD provides "fixed by" information for CVE-2021-26855 devices with the appropriate patch installed will no longer show as vulnerable
Feedback
thumb_up
Yes
thumb_down
No