Is the App Control Server affected by the PHP Vulnerability CVE-2024-11235?
search cancel

Is the App Control Server affected by the PHP Vulnerability CVE-2024-11235?

book

Article ID: 398068

calendar_today

Updated On:

Products

Carbon Black App Control

Issue/Introduction

Vulnerability scan shows the App Control Server contains a PHP version associated with CVE-2024-11235.

Environment

  • App Control Server: 8.11.0
  • Microsoft Windows: All Supported Versions
  • PHP: Versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5

Cause

App Control Server contains a PHP version associated with CVE-2024-11235.

Resolution

An investigation determined the App Control Server is not susceptible to this CVE and no immediate action is currently required.

Additional Information

  • Libraries (such as PHP) are updated with each Server release.
  • Subscribe to Product Update Notifications to be alerted when a new Server release is available.
  • Do not attempt to update the PHP Library or make any modifications to the PHP Library used by App Control. Doing so will cause issues accessing the Console.
Powered by Wolken Software