OO 10 Remote Code Execution vulnerability - remediation?
Received notification of CVE-2016-8519 for Remote Code Execution vulnerability in OO 10.
Remediation was recommended by installing OO 10.70 Community Edition. Is this appropriate for Enterprise Editions?
Re: OO 10 Remote Code Execution vulnerability - remediation?
- The vulnerability was found on OO Community Edition version.
- The vulnerability also affects Enterprise versions of OO.
- The versions affected are all 10.x releases.
- The vulnerability can be exploited only if authentication is disabled in OO.
The solution to this problem is to upgrade to 10.70.
Please ensure that authentication is enabled in your OO environment.
Customer Support Engineer
If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the STAR at the bottom left of the post and show your appreciation.