|
Audience: Current and prior users of the Novi Survey installable software.
Product affected: installable version of Novi Survey
Version affected: all versions less than 8.9.43676
Reference: CVE-2023-29492
Description: A vulnerability allows remote attackers to execute arbitrary code on the server in the context of the service account on affected installations of Novi Survey. The vulnerability does not provide access to survey or response data stored within the system.
Mitigation: Upgrade the installation to version 8.9.43676 or greater. There is no workaround available for versions less than 8.9.43676.
|