hi,
a customer did a security scan on there network.
and it came back with the following incident:
CPE: cpe:/a:jquery:jquery:2.1.3
Installed version: 2.1.3
Location/URL: https://hostame/webconsole/common/js
EOL version: 2
EOL date: unknown
this version is very old, and flagged as out of support.
the customer was wondering when this will be updated to a newer version.
and how we would upgrade the version.
kind Regards,
Thos Gieskes.
Best answer by Blaine Williams
Hi Thos,
It appears it is only being flagged due to being out off support and some medium vulnerabilities. The risk is not high.
The first changes are targeted for 11.25 (subject to change due to testing etc...).
I hope that helps answers you questions.
Hi Thos.
I am just confirming with our development team here as it looks like we are pivoting away from jquery.
I will update in the next couple of days.
Hi Thos,
I have been discussing this with development and we are not technically pivoting away from jquery. We are however working on migrating the functionalities from webconsole to the command centre which is not using the older version of jquery and thus removing the vulnerability.
HI
thanks for the update.
the customer is worried about it because it came up in an security scan as the highest level of insecurity (5/5).
can you say if there is an eta on this?
or are there any details on how vulnerable this is?
Thanks!
Hi Thos,
It appears it is only being flagged due to being out off support and some medium vulnerabilities. The risk is not high.
The first changes are targeted for 11.25 (subject to change due to testing etc...).
I hope that helps answers you questions.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
