Skip to content
DataMiner DoJo

More results...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Search in posts
Search in pages
Log in
Menu
  • Blog
  • Questions
  • Learning
    • E-learning Courses
    • Open Classroom Training
    • Certification
      • DataMiner Fundamentals
      • DataMiner Configurator
      • DataMiner Automation
      • Scripts & Connectors Developer: HTTP Basics
      • Scripts & Connectors Developer: SNMP Basics
      • Visual Overview – Level 1
      • Verify a certificate
    • Tutorials
    • Video Library
    • Books We Like
    • >> Go to DataMiner Docs
  • Expert Center
    • Solutions & Use Cases
      • Solutions
      • Use Case Library
    • Markets & Industries
      • Media production
      • Government & defense
      • Content distribution
      • Service providers
      • Partners
      • OSS/BSS
    • DataMiner Insights
      • Security
      • Integration Studio
      • System Architecture
      • DataMiner Releases & Updates
      • DataMiner Apps
    • Agile
      • Agile Webspace
      • Everything Agile
        • The Agile Manifesto
        • Best Practices
        • Retro Recipes
      • Methodologies
        • The Scrum Framework
        • Kanban
        • Extreme Programming
      • Roles
        • The Product Owner
        • The Agile Coach
        • The Quality & UX Coach (QX)
    • DataMiner DevOps Professional Program
  • Downloads
  • More
    • Feature Suggestions
    • Climb the leaderboard!
    • Swag Shop
    • Contact
      • General Inquiries
      • DataMiner DevOps Support
      • Commercial Requests
    • Global Feedback Survey
  • PARTNERS
    • All Partners
    • Technology Partners
    • Strategic Partner Program
    • Deal Registration
  • >> Go to dataminer.services

CVE-2024-3094 vulnerability (XZ Utils)

Solved663 views4th April 2024security vulnerability
4
Koen Bouckhout [SLC] [DevOps Advocate]1.29K 4th April 2024 0 Comments

Dear dojo,

Recently a backdoor has been identified in upstream tarballs of the XZ open source library used many Linux distribution and tools.  This is tracked as CVE-2024-3094.

Reading the documentation, I don't think any of the native DataMiner SW products are affected by this vulnerability.  I am also thinking about customers with Cassandra & OpenSearch database installations on RHEL, CentOS or Ubuntu. It seems these are not affected.

Anybody can confirm this?

Thanks,

Koen.

Koen Bouckhout [SLC] [DevOps Advocate] Selected answer as best 4th April 2024

1 Answer

  • Active
  • Voted
  • Newest
  • Oldest
3
Seppe Dejonckheere [SLC] [DevOps Advocate]2.21K Posted 4th April 2024 0 Comments

Hi Koen,

You are correct that this backdoor does not affect DataMiner. The backdoor specifically targets sshd for linux. This does mean that customers with Cassadra & Opensearch installations might be affected, depending on which distro they are running.

This is what I could find on some of the most common linux distros:

  • Ubuntu: not affected
  • Debian: stable versions are not affected, but some testing, unstable and experimental  are affected
  • Red Hat: Fedora Rawhide and Fedora linux 40 beta are affected, RHEL is not affected
  • Arch: some Arch linux versions are affected

More details can be found in this article.

Koen Bouckhout [SLC] [DevOps Advocate] Selected answer as best 4th April 2024
Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Promo banner DataMiner DevOps Professiona Program
DataMiner Integration Studio (DIS)
Empower Katas

Recent questions

Web Applications exception in Cube due to invalid certificate 0 Answers | 0 Votes
Redundancy Groups and Alarming – Duplicate Alarms 0 Answers | 0 Votes
Correlation Engine: “Test rule” doesn’t result in a hit, despite functional rule 1 Answer | 3 Votes

Question Tags

adl2099 (115) alarm (62) Alarm Console (82) alarms (100) alarm template (83) Automation (223) automation scipt (111) Automation script (167) backup (71) Cassandra (180) Connector (109) Correlation (69) Correlation rule (52) Cube (151) Dashboard (194) Dashboards (188) database (83) DataMiner Cube (57) DIS (81) DMS (71) DOM (140) driver (65) DVE (56) Elastic (83) Elasticsearch (115) elements (80) Failover (104) GQI (159) HTTP (76) IDP (74) LCA (152) low code app (166) low code apps (93) lowcodeapps (75) MySQL (53) protocol (203) QAction (83) security (88) SNMP (86) SRM (337) table (54) trending (87) upgrade (62) Visio (539) Visual Overview (345)
Privacy Policy • Terms & Conditions • Contact

© 2025 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

? Explore the Q&A DataMiner Docs

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin