Blog articles

Novi Survey security advisory Apr-2023


Posted on 4/10/2023 by Novi Survey in category: survey software news
Audience: Current and prior users of the Novi Survey installable software.

Product affected: installable version of Novi Survey

Version affected: all versions less than 8.9.43676

Reference: CVE-2023-29492

Description:
A vulnerability allows remote attackers to execute arbitrary code on the server in the context of the service account on affected installations of Novi Survey.
The vulnerability does not provide access to survey or response data stored within the system.

Mitigation:
Upgrade the installation to version 8.9.43676 or greater. There is no workaround available for versions less than 8.9.43676.

Assessment Software | Survey Software Blog | Survey Sitemap | Privacy Policy
Copyright © 2007 - 2024 All rights reserved.
3rd Millennium, Inc. - 245 First Street, 18th Floor, Cambridge, MA 02142, USA. Phone: 781-547-7739