Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-49002: Recent node.js Vulnerabilities and Centrify DirectAudit

Auditing and Monitoring Service ,  

19 February,21 at 03:11 PM

Question: Do the following CVEs regarding node.js affect the Centrify DirectAudit Database in any way?

CVE1 : CVE-2019-5737, CVE-2019-5739
CVE 2: CVE-2018-12121, CVE-2018-12122, CVE-2018-12123, CVE-2018-12116
 

Answer:  Customers are encouraged to follow the instructions for patching listed in the above CVEs. DirectAudit does not use NodeJS and Centrify has no reasons to believe that the security patches will affect DirectAudit in any way. As far as post-patch verification is concerned, customers can simply use the Audit Manager console and verify the following:

A) The collectors are in connected state.
B) The Audit Store databases are in connected/online state after the patching for a successful verification.

Related Articles

No related Articles