EDR: Is EDR vulnerable to CVE-2019-17558?
search cancel

EDR: Is EDR vulnerable to CVE-2019-17558?

book

Article ID: 287393

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • Is EDR vulnerable to CVE-2019-17558, Apache Solr < 8.4.0 Remote Code Execution? 

Environment

  • EDR: All Supported Versions
  • Hosted EDR: All Supported Versions

Resolution

  • By default we do not expose SOLR or any of the ports it is running on therefore we are not vulnerable to that CVE. If for some reason the SOLR port has been opened manually, then the vulnerablity may exist, but by default the port is closed to remote connections.
Powered by Wolken Software