CLOUDBASIX Software-As-A-Service (SaaS) Products
Distributed via AWS, Microsoft Azure, Google Cloud and other channels
Security Advisory
SaaS Product Security Advisory |
Release Date Generally Available (GA)Report/Discovery Date |
Current Version | Reported by | Remediation Status |
CloudBasix InterCloud, SQL Server Edition
|
November 3, 2014 |
13.2 | ||
Apache Log4j disclosed a new RCE issue CVE-2021-44228 that affects all versions from 2.0-beta9 to 2.14.1 [1] |
December 11, 2021 | Amazon Web Services
Internal Discovery (SCA) |
A new AMI version was released shortly after the report with removed Log4j (as not used by the product; used by a MS tool).
For customers with existing instances, provided recommendation to delete the file, located in C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar |
|
Microsoft.AspNetCore Medium risk vulnerability (based on product delivery model) |
October 3, 2022 | Internal Discovery (SCA) | Upgraded from Microsoft.NetCore.App 2.2.8 to 6.0.19 The NetCore version is located in the 2 sub-folders of C:\Program Files\dotnet\shared The updater Version 13.0 and later removes sub-folders of C:\Program Files\dotnet\shared labeled 2.2.8 and replaces those with 6.0.19. |
|
One year Advanced notice |
October 10, 2022 | Microsoft | Microsoft Windows 2012 (including R2) EOL support will end on Oct-22-2023 https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2012 https://learn.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2 Upgrade path: To Windows 2019 based Instance. Refer to below upgrade guidance resource, or contact Support — https://cloudbasic.net/saas-products-security-advisory/windows-2012-to-2019-migration |
SaaS Product/ Security Vulnerability Reports |
Release Date Generally Available (GA)Report/Discovery Date |
Current Version | Reported by | Remediation Status |
CloudBasix InterCloud
Snowflake, |
October 25, 2021 |
4.9 | NA | |
Spring Framework Data Binding Rules Vulnerability (CVE-2022-22968) |
May 5, 2022 | Internal Discovery (SCA) | Upgraded to latest Spring Boot framework shortly after discovery.
New image and update packages produced. |
Last updated: Dec-10-2022