- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forticlient EMS Apache CVE-2023-25690
The latest build of FortiClient EMS ships apache version 2.4.54, which is vulnerable to CVE-2023-25690 and others.
Is there a planned fix, or is it possible to upgrade apache independently to the rest of the application?
Thanks.
Solved! Go to Solution.
- Labels:
-
FortiClient EMS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is fixed from 7.2.1 versions and that is the latest build for EMS. Are you saying you are seeing the issue on 7.2.1 or 7.2.0 ?
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello greeve,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is fixed from 7.2.1 versions and that is the latest build for EMS. Are you saying you are seeing the issue on 7.2.1 or 7.2.0 ?
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the help srajeswaran. The issue was on 7.2.0, apologies for not being specific. There was no 7.2.1 at the time; looks like it was released on the day I asked the question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Suraj,
Do you know where I can find a table or document that shows the Apache versions associated with the EMS version? The 7.2.1 release is brand new and we prefer to test new releases for a few months prior to whitelisting them for deployment so if 7.0.8's Apache build will also resolve the issue we'd deploy it instead. Any sort of document showing the EMS/Apache build versions together would be a big help.
Regards,
Blake Webb
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm afraid I don't know. In fact I haven't seen httpd or Apache mentioned at all in any documentation I've read.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Blake,
I can't see any table/document for Apache and EMS versions, but I can see that the fix for this issue is in 7.0.9 (release expected this week).
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear Suraj,
One of our customer having EMS 7.0.8. Are we still need to upgrade the EMS?
