Is DLP vulnerable to CVE-2024-4453
Article ID: 382761
Updated On:
Products
Data Loss Prevention Network Discover
Issue/Introduction
CVE-2024-4453 is a vulnerability around the dependency of gstreamer.
Environment
DLP 15.8 and above
Cause
gstreamer depenendcy is used for the integration with ICT.
Resolution
ICT with DLP has been EOL since 2021. see https://community.broadcom.com/symantecenterprise/browse/announcements?AnnouncementKey=0a2a9b45-a9c7-4aea-a47a-de5af4145257.
DLP is not affected by gstreamer vulnerabilities and in 16.0 gstreamer is no longer used. If ICT is not used it is safe to remove/uninstall gstreamer
Feedback
Yes
No
Powered by
