Qlik Product Security Update Advisory (CVE-2023-48365)

Mar 13 2024

Overview

Qlik has made available an update that addresses a vulnerability in its products. users of affected versions are advised to update to the latest version.

Affected Products

CVE-2023-48365

Qlik Sense Enterprise (for Windows) August 2023 Patch 1 or below
Qlik Sense Enterprise (for Windows) May 2023 Patch 5 or below
Qlik Sense Enterprise (for Windows) February 2023 Patch 9 or below
Qlik Sense Enterprise (for Windows) November 2022 Patch 11 or below
Qlik Sense Enterprise (for Windows) August 2022 Patch 13 or below
Qlik Sense Enterprise (for Windows) May 2022 Patch 15 or below
Qlik Sense Enterprise (for Windows) February 2022 Patch 14 or below
Qlik Sense Enterprise (for Windows) November 2021 Patch 16 or below

Cve-2023-41265, cve-2023-41266

Qlik Sense Enterprise (for Windows) May 2023 Patch 3 or below
Qlik Sense Enterprise (for Windows) February 2023 Patch 7 or below
Qlik Sense Enterprise (for Windows) November 2022 Patch 10 or below
Qlik Sense Enterprise (for Windows) August 2022 Patch 12 or below

Resolved Vulnerabilities

Unauthenticated remote code execution vulnerability in Qlik Sense Enterprise for Windows (CVE-2023-48365) [2]

HTTP request tunneling vulnerability in Qlik Sense Enterprise for Windows (CVE-2023-41265) [1]

Path traversal vulnerability in Qlik Sense Enterprise for Windows (CVE-2023-41266) [1]

Vulnerability Patches

Vulnerability patches were made available in the December 1, 2023 update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2023-48365

Qlik Sense Enterprise (for Windows) November 2023 IR version
Qlik Sense Enterprise (for Windows) August 2023 Patch 2 version
Qlik Sense Enterprise (for Windows) May 2023 Patch 6 version
Qlik Sense Enterprise (for Windows) February 2023 Patch 10 version
Qlik Sense Enterprise (for Windows) November 2022 Patch 12 version
Qlik Sense Enterprise (for Windows) August 2022 Patch 14 version
Qlik Sense Enterprise (for Windows) May 2022 Patch 16 version
Qlik Sense Enterprise (for Windows) February 2022 Patch 15 version
Qlik Sense Enterprise (for Windows) November 2021 Patch 17 version

Cve-2023-41265, cve-2023-41266

Qlik Sense Enterprise (for Windows) August 2023 Initial Release
Qlik Sense Enterprise (for Windows) May 2023 Patch 4
Qlik Sense Enterprise (for Windows) February 2023 Patch 8
Qlik Sense Enterprise (for Windows) November 2022 Patch 11
Qlik Sense Enterprise (for Windows) August 2022 Patch 13

Referenced Sites

[1] Critical Security fixes for Qlik Sense Enterprise for Windows (CVE-2023-41266, CVE-2023-41265)

https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801

[2] Critical Security fixes for Qlik Sense Enterprise for Windows (CVE-2023-48365)

https://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2120325

[3] https://community.qlik.com/t5/Product-Downloads/tkb-p/Downloads

Qlik Product Security Update Advisory (CVE-2023-48365)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Google ChromeOS/ChromeOS Flex (122.0.6045.214) Security Update Advisory

Oracle Family Security Update Advisory (CVE-2024-20932)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Google ChromeOS/ChromeOS Flex (122.0.6045.214) Security Update Advisory

Oracle Family Security Update Advisory (CVE-2024-20932)