UIM Primary Servers CVE-2023-28304 vulnerability 
search cancel

UIM Primary Servers CVE-2023-28304 vulnerability 

book

Article ID: 266801

calendar_today

Updated On: 07-20-2023

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

dThe vulnerability scan detected the following CVE for ODBC driver: CVE-2023-23375, CVE-2023-28304 in primary hub and primary HA hub. (https://www.xxxxxx.com/plugins/nessuxzxs/1xxx0)

The file detected is C:\windows\system32\msoledbsql.dll, version 18.6.3. The fixed version is 18.6.5. 

 

 

 

Environment

Release : UIM 20.4

Cumulative patch: CU6

OS: Windows 2012r2

Resolution

The new patch (20.4 CU8) resolves this vulnerability issue.

Additional Information

UIM Server 20.4 - Cumulative Update 8
Operator Console 20.4 - Cumulative Update 8

UIM vulnerability scan results - response info requested by Security team as of DX UIM 20.4 CU8