cnMaestro On-Premises security patch

For cnMaestro cloud users, there is no further action required. For users of cnMaestro on-premises, a patch has been released. Please immediately apply the security patch available here.

Details are HERE.
cnMaestroSecurityAdvisory-20210719-2.pdf (121.1 KB)

Is there a way to mitigate the risk before applying the patch?

Hi latinsud – The primary recommendation would be to use standard security practices in the deployment, such as placing cnMaestro behind a firewall and limiting access, such as through ACLs or Security Groups (if running in AWS). In cnMaestro 3.1 we plan to add Client IP Filtering to make this easier.

Hi Rob, would it be possible to share what exactly the vulnerability was? The security advisory doesn’t say. Typically a CVE or an organization will say what the issue is once a patch is available.

Hi rnelson – we expect Claroty will release details of the vulnerabilities in the future; however, we would like to get as many customers as possible safely updated to versions 2.4.2-r29, 3.0.0-r34, or 3.0.3-r32 beforehand.