EDR Server: Is CVE-2023-38545 a concern for Carbon Black EDR Server?
searchcancel
EDR Server: Is CVE-2023-38545 a concern for Carbon Black EDR Server?
book
Article ID: 288265
calendar_today
Updated On: 11-22-2023
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
What is Carbon Black's position on the reported existence of CVE-2023-38545 on EDR server machines?
Environment
Carbon Black EDR server: All versions
RHEL OS: 9.x
Resolution
This RHEL article states only RHEL 9 is affected. EDR server 7.x does not yet support RHEL 9 (as of November, 2023). Also the "curl" package referenced is not part of the EDR software package and should be addressed/fixed/patched by the OS or owning vender that installed/maintains it.