Carbon Black EDR vulnerabilities Apache POI
search cancel

Carbon Black EDR vulnerabilities Apache POI

book

Article ID: 440818

calendar_today

Updated On:

Products

Carbon Black EDR

Issue/Introduction

You would like to know if Carbon Black EDR is impacted by Apache POI vulnerabilities

CVE-2025-31672 - https://nvd.nist.gov/vuln/detail/CVE-2025-31672

 

Environment

Carbon Black EDR version: 7.9.1

Resolution

Carbon Black EDR 7.9.1 is not impacted by CVE-2025-31672 because the way it uses Solr does not involve the components (tika and/or POI libraries) that could be exploited.

Carbon Black EDR 7.9.2 will have upgraded libraries so that this CVE does not get flagged by VA scans.

Powered by Wolken Software