NW-2024-01
CVE-2021-44228, CVE-2021-45046, CVE-2023-38408, CVE-2019-10744, CVE-2022-46337, CVE-2018-18311, CVE-2022-2274, CVE-2023-20873, CVE-2023-25691, CVE-2022-1471, CVE-2022-22965, CVE-2022-29361, CVE-2022-35255
CVE-2022-3564, CVE-2023-2828, CVE-2023-24329, CVE-2022-45688, CVE-2023-46120, CVE-2023-33204, CVE-2023-31486 , CVE-2020-12762, CVE-2023-3138, CVE-2023-44487, CVE-2022-45884, CVE-2022-45886, CVE-2022-45919, CVE-2023-3812, CVE-2023-2163, CVE-2023-5178, CVE-2022-4904, CVE-2023-34058, CVE-2023-34059, CVE-2023-20897, CVE-2023-20898, CVE-2023-29491, CVE-2023-20900, CVE-2023-3090, CVE-2023-35001, CVE-2023-35788, CVE-2023-3776, CVE-2023-4004, CVE-2023-30630, CVE-2023-1370, CVE-2023-2976, CVE-2022-44729, CVE-2021-29477, CVE-2022-45939, CVE-2023-2491, CVE-2023-26604, CVE-2023-32233, CVE-2022-39377, CVE-2022-31129, CVE-2022-40898, CVE-2022-2132, CVE-2022-3171, CVE-2022-1941, CVE-2021-3572, CVE-2019-20916, CVE-2022-29217, CVE-2021-41265, CVE-2021-27291, CVE-2023-30590, CVE-2023-30589, CVE-2023-30587, CVE-2023-30586, CVE-2023-30585, CVE-2023-30584, CVE-2023-30581, CVE-2023-24807, CVE-2023-23919, CVE-2023-23918, CVE-2022-43548, CVE-2022-3786, CVE-2022-3602, CVE-2022-32212, CVE-2023-25193, CVE-2023-0286, CVE-2023-0215, CVE-2023-0464, CVE-2023-0494, CVE-2022-46344, CVE-2022-46343, CVE-2022-46342, CVE-2022-46341, CVE-2022-46340, CVE-2022-4283, CVE-2022-3550, CVE-2023-21930, CVE-2023-0461, CVE-2022-42720, CVE-2022-41674, CVE-2022-39189, CVE-2022-3625, CVE-2022-3623, CVE-2022-3566, CVE-2022-3522, CVE-2022-3239, CVE-2022-30594, CVE-2022-3028, CVE-2022-25265, CVE-2022-2196, CVE-2022-20141, CVE-2022-1679
CVE-2022-25147, CVE-2022-44730, CVE-2023-27043, CVE-2023-32681, CVE-2007-4559, CVE-2023-23931, CVE-2023-22745, CVE-2022-48468, CVE-2023-32324, CVE-2023-4641, CVE-2023-1192, CVE-2020-22217, CVE-2023-31130, CVE-2022-3094, CVE-2023-1981, CVE-2023-31419, CVE-2022-4285, CVE-2023-46118, CVE-2023-22899, CVE-2022-36033, CVE-2023-2002, CVE-2023-20593, CVE-2023-34462, CVE-2023-41080, CVE-2020-13956, CVE-2021-37533, CVE-2023-3817, CVE-2023-1667, CVE-2023-2283, CVE-2020-24736, CVE-2022-43552, CVE-2022-44792, CVE-2022-44793, CVE-2022-2795, CVE-2023-27535, CVE-2022-36227, CVE-2021-22569, CVE-2023-30588, CVE-2023-30583, CVE-2023-30582, CVE-2023-23936, CVE-2023-23920, CVE-2022-35256, CVE-2022-32222, CVE-2022-32215, CVE-2022-32213, CVE-2023-21830, CVE-2023-21835, CVE-2023-22041, CVE-2022-4304, CVE-2023-0466, CVE-2023-0465, CVE-2023-3446, CVE-2022-3551, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-23454, CVE-2023-1582, CVE-2023-1195, CVE-2023-0394, CVE-2022-47929, CVE-2022-43750, CVE-2022-42722, CVE-2022-42721, CVE-2022-42703, CVE-2022-4129, CVE-2022-41218, CVE-2022-39188, CVE-2022-3707, CVE-2022-3628, CVE-2022-3619, CVE-2022-3567, CVE-2022-3524, CVE-2022-2663, CVE-2022-1789, CVE-2022-1462, CVE-2021-33656, CVE-2021-33655, CVE-2021-26341, CVE-2023-43804, CVE-2023-45803
CVE-2023-20867, CVE-2023-4016, CVE-2023-45145, CVE-2021-34428, CVE-2008-5161, CVE-2023-21968, CVE-2022-35252, CVE-2023-21843, CVE-2023-22006, CVE-2023-22036, CVE-2023-22045, CVE-2023-22049, CVE-2023-21938, CVE-2023-21937
CVSS v3 Base Score: See NVD (http://nvd.nist.gov/) for individual scores for each CVE.
NetWitness Platform versions prior to 12.4.
Multiple components within the NetWitness Platform require a security update to address various vulnerabilities.
The embedded components are updated for the following vulnerabilities:
https://access.redhat.com/errata/RHSA-2023:7034
https://nvd.nist.gov/vuln/detail/CVE-2008-5161
https://nvd.nist.gov/vuln/detail/CVE-2018-18311
https://nvd.nist.gov/vuln/detail/CVE-2019-10744
https://nvd.nist.gov/vuln/detail/CVE-2019-20916
https://access.redhat.com/errata/RHSA-2023:6976
https://nvd.nist.gov/vuln/detail/CVE-2020-13956
https://access.redhat.com/errata/RHSA-2023:7207
https://access.redhat.com/errata/RHSA-2023:3840
https://nvd.nist.gov/vuln/detail/CVE-2021-22569
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2021-27291
https://access.redhat.com/security/cve/CVE-2021-29477
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2021-34428
https://nvd.nist.gov/vuln/detail/CVE-2021-3572
https://nvd.nist.gov/vuln/detail/CVE-2021-37533
https://nvd.nist.gov/vuln/detail/CVE-2021-41265
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
https://access.redhat.com/errata/RHSA-2023:7174
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-1471
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-1941
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-2132
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-2274
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
https://access.redhat.com/errata/RHSA-2023:3109
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:3002
https://nvd.nist.gov/vuln/detail/CVE-2022-29217
https://nvd.nist.gov/vuln/detail/CVE-2022-29361
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:7177
https://nvd.nist.gov/vuln/detail/CVE-2022-31129
https://nvd.nist.gov/vuln/detail/CVE-2022-3171
https://nvd.nist.gov/vuln/detail/CVE-2022-32212
https://nvd.nist.gov/vuln/detail/CVE-2022-32213
https://nvd.nist.gov/vuln/detail/CVE-2022-32215
https://nvd.nist.gov/vuln/detail/CVE-2022-32222
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2963
https://nvd.nist.gov/vuln/detail/CVE-2022-35255
https://nvd.nist.gov/vuln/detail/CVE-2022-35256
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-3602
https://nvd.nist.gov/vuln/detail/CVE-2022-36033
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:3018
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-3786
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2800
https://nvd.nist.gov/vuln/detail/CVE-2022-40898
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2806
https://nvd.nist.gov/vuln/detail/CVE-2022-4285
https://nvd.nist.gov/vuln/detail/CVE-2022-4304
https://nvd.nist.gov/vuln/detail/CVE-2022-43548
https://access.redhat.com/errata/RHSA-2023:2963
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2022-44729
https://nvd.nist.gov/vuln/detail/CVE-2022-44730
https://access.redhat.com/errata/RHSA-2023:2969
https://access.redhat.com/errata/RHSA-2023:2969
https://nvd.nist.gov/vuln/detail/CVE-2022-45688
https://access.redhat.com/errata/RHSA-2023:7549
https://access.redhat.com/errata/RHSA-2023:7549
https://access.redhat.com/errata/RHSA-2023:7549
https://access.redhat.com/errata/RHSA-2023:3042
https://nvd.nist.gov/vuln/detail/CVE-2022-46337
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:6944
https://access.redhat.com/errata/RHSA-2023:7116
https://nvd.nist.gov/vuln/detail/CVE-2023-0215
https://nvd.nist.gov/vuln/detail/CVE-2023-0286
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2023-0464
https://nvd.nist.gov/vuln/detail/CVE-2023-0465
https://nvd.nist.gov/vuln/detail/CVE-2023-0466
https://access.redhat.com/errata/RHSA-2023:2806
https://access.redhat.com/errata/RHSA-2023:7549
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2023-1370
https://access.redhat.com/errata/RHSA-2023:2951
https://access.redhat.com/errata/RHSA-2023:3839
https://access.redhat.com/errata/RHSA-2023:7190
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:5244
https://nvd.nist.gov/vuln/detail/CVE-2023-20867
https://nvd.nist.gov/vuln/detail/CVE-2023-20873
https://nvd.nist.gov/vuln/detail/CVE-2023-20897
https://nvd.nist.gov/vuln/detail/CVE-2023-20898
https://access.redhat.com/errata/RHSA-2023:5312
https://access.redhat.com/errata/RHSA-2023:7549
https://nvd.nist.gov/vuln/detail/CVE-2023-21830
https://nvd.nist.gov/vuln/detail/CVE-2023-21835
https://nvd.nist.gov/vuln/detail/CVE-2023-21843
https://nvd.nist.gov/vuln/detail/CVE-2023-21930
https://nvd.nist.gov/vuln/detail/CVE-2023-21937
https://nvd.nist.gov/vuln/detail/CVE-2023-21938
https://nvd.nist.gov/vuln/detail/CVE-2023-21939
https://nvd.nist.gov/vuln/detail/CVE-2023-21954
https://nvd.nist.gov/vuln/detail/CVE-2023-21967
https://nvd.nist.gov/vuln/detail/CVE-2023-21968
https://access.redhat.com/errata/RHSA-2023:1875
https://access.redhat.com/errata/RHSA-2023:1875
https://access.redhat.com/errata/RHSA-2023:1875
https://access.redhat.com/errata/RHSA-2023:1875
https://access.redhat.com/errata/RHSA-2023:1875
https://access.redhat.com/errata/RHSA-2023:7166
https://access.redhat.com/errata/RHSA-2023:3839
https://nvd.nist.gov/vuln/detail/CVE-2023-22899
https://access.redhat.com/errata/RHSA-2023:2951
https://nvd.nist.gov/vuln/detail/CVE-2023-23918
https://nvd.nist.gov/vuln/detail/CVE-2023-23919
https://nvd.nist.gov/vuln/detail/CVE-2023-23920
https://access.redhat.com/errata/RHSA-2023:7096
https://nvd.nist.gov/vuln/detail/CVE-2023-23936
https://nvd.nist.gov/vuln/detail/CVE-2023-24329
https://nvd.nist.gov/vuln/detail/CVE-2023-24807
https://access.redhat.com/errata/RHSA-2023:3104
https://access.redhat.com/errata/RHSA-2023:1875
https://nvd.nist.gov/vuln/detail/CVE-2023-25691
https://access.redhat.com/errata/RHSA-2023:3837
https://nvd.nist.gov/vuln/detail/CVE-2023-27043
https://access.redhat.com/errata/RHSA-2023:3106
https://nvd.nist.gov/vuln/detail/CVE-2023-2828
https://access.redhat.com/errata/RHSA-2023:5249
https://nvd.nist.gov/vuln/detail/CVE-2023-2976
https://nvd.nist.gov/vuln/detail/CVE-2023-30581
https://nvd.nist.gov/vuln/detail/CVE-2023-30582
https://nvd.nist.gov/vuln/detail/CVE-2023-30583
https://nvd.nist.gov/vuln/detail/CVE-2023-30584
https://nvd.nist.gov/vuln/detail/CVE-2023-30585
https://nvd.nist.gov/vuln/detail/CVE-2023-30586
https://nvd.nist.gov/vuln/detail/CVE-2023-30587
https://nvd.nist.gov/vuln/detail/CVE-2023-30588
https://nvd.nist.gov/vuln/detail/CVE-2023-30589
https://nvd.nist.gov/vuln/detail/CVE-2023-30590
https://access.redhat.com/errata/RHSA-2023:5252
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:7207
https://access.redhat.com/errata/RHSA-2023:7029
https://nvd.nist.gov/vuln/detail/CVE-2023-31419
https://access.redhat.com/errata/RHSA-2023:7174
https://access.redhat.com/errata/RHSA-2023:3351
https://access.redhat.com/errata/RHSA-2023:7165
https://access.redhat.com/errata/RHSA-2023:7034
https://access.redhat.com/errata/RHSA-2023:7010
https://access.redhat.com/errata/RHSA-2023:7265
https://access.redhat.com/errata/RHSA-2023:7265
https://nvd.nist.gov/vuln/detail/CVE-2023-3446
https://nvd.nist.gov/vuln/detail/CVE-2023-34462
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:7549
https://nvd.nist.gov/vuln/detail/CVE-2023-3817
https://nvd.nist.gov/vuln/detail/CVE-2023-38408
https://access.redhat.com/errata/RHSA-2023:5244
https://access.redhat.com/errata/RHSA-2023:7187
https://nvd.nist.gov/vuln/detail/CVE-2023-41080
https://nvd.nist.gov/vuln/detail/CVE-2023-43804
https://nvd.nist.gov/vuln/detail/CVE-2023-44487
https://nvd.nist.gov/vuln/detail/CVE-2023-45145
https://nvd.nist.gov/vuln/detail/CVE-2023-45803
https://nvd.nist.gov/vuln/detail/CVE-2023-46118
https://nvd.nist.gov/vuln/detail/CVE-2023-46120
https://access.redhat.com/errata/RHSA-2023:7112
https://access.redhat.com/errata/RHSA-2023:7549
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at https://nvd.nist.gov/home# . To search for a particular CVE, use the database’s search utility at https://nvd.nist.gov/search
The following NetWitness Platform release contains resolutions to these vulnerabilities: NetWitness Platform version 12.4.
NetWitness recommends all customers upgrade at the earliest opportunity.
For additional documentation, downloads and more, visit the NetWitness Platform page on NetWitness Community.
For an explanation of Severity Ratings, refer to the RSA Vulnerability Disclosure Policy. RSA recommends all customers take into account both the base score and any relevant temporal and environmental scores which may impact the potential severity associated with particular security vulnerability.
NetWitness has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.
Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this advisory, contact NetWitness Customer Support. RSA Security LLC and its affiliates distribute RSA Security Advisories in order to bring to the attention of users of the affected RSA products, important security information.
RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement.
In no event shall RSA, its affiliates or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA, its affiliates or its suppliers have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.