Differences

This shows you the differences between two versions of the page.

--- public:announcement:critical_vulnerability_in_ahsaycbs_v7_and_v8 [2020/02/11 16:48]
ronnie.chan created
+++ public:announcement:critical_vulnerability_in_ahsaycbs_v7_and_v8 [2020/02/20 11:19] (current)
yuk.cheng [What are the affected AhsayCBS versions?]
@@ Line 1: / Line 1: @@
 ====== Ahsay Security Advisory (#26030) - Critical Vulnerability in AhsayCBS v7 and AhsayCBS v8 ======
-We have recently uncovered a critical vulnerability, which exposes some versions of AhsayCBS v7 and AhsayCBS v8 to a very high risk of malicious attack and loss of data.
+We have recently uncovered a critical vulnerability in the AhsayCBS API (Application Programming Interface) system, which exposes some versions of AhsayCBS v7 and AhsayCBS v8 to a very high risk of malicious attack and loss of data.
 The vulnerability could potentially allow a malicious attacker to:
@@ Line 11: / Line 11: @@
 ===== What are the affected AhsayCBS versions? =====
-  * AhsayCBS pre-v7.17.1.10
+  * AhsayCBS pre-v7.17.2.97
-  * AhsayCBS v8.1.0.24 to v8.1.1.50
+  * AhsayCBS v8.1.0.24 to v8.1.1.x
   * AhsayCBS v8.3.0.30 to 8.3.0.104
@@ Line 30: / Line 30: @@
 Please make sure you have valid maintenance before upgrading to the latest release. Otherwise, your AhsayCBS service will stop functioning due to "Support Expired" error. Please contact a member our Sales team sales-kb@ahsay.com for assistance with maintenance related issues.
 </WRAP>
+<WRAP indent>
+==== 1. For partners currently on AhsayCBS v7 ====
+i. If your current version is **NOT AhsayCBS v7.17.2.2 or above**.
+  * Please refer to this KB articles for upgrade instructions to upgrade to v7.17.2.2:
+    * Windows/Linux/FreeBSD: [[public:5145_faq:how_to_install_the_latest_patch_set_for_ahsaycbs|Click here]]
+    * AhsayUBS: [[public:5237_faq:how_to_install_the_latest_patch_set_for_ahsayubs_version_7|Click here]]
+  * Apply the latest hotfix v7.17.2.119 or above. Please refer to instructions on our Partner Portal [[https://www.ahsay.com/partners/en/home/index.jsp?pageContentKey=ahsay_assets_hotfix-v7|here]]. (**Note:** a valid partner portal login is required.)
+ii.  If your current version is AhsayCBS v7.17.2.2 or above.
+  * Apply the latest hotfix v7.17.2.119 or above. Please refer to instructions on our Partner Portal [[https://www.ahsay.com/partners/en/home/index.jsp?pageContentKey=ahsay_assets_hotfix-v7|here]]. (**Note:** a valid partner portal login is required.)
+==== 2. For partners currently on AhsayCBS v8 ====
+If your current version is **NOT AhsayCBS v8.3.2.11 or above**, please refer to the following KB article for upgrade instructions:
+  * Windows/Linux/FreeBSD: [[public:8009_faq:how_to_install_the_latest_patch_set_for_ahsaycbs|Click here]]
+  * AhsayUBS: [[public:8026_faq:how_to_install_the_latest_patch_set_for_ahsayubs|Click here]]
+</WRAP>
+===== What if my maintenance has already expired? How do I upgrade? =====
+**Stop! Do not upgrade** until you contact a member our Sales Team at [[mailto:sales-kb@ahsay.com|sales-kb@ahsay.com]] for assistance with your maintenance renewal.
+===== What if I require assistance with my AhsayCBS server upgrade? =====
+Our professional service team is ready to provide immediate assistance to partners with AhsayCBS v7 and AhsayCBS v8 upgrades.
+Please contact a member our Sales Team at [[mailto:sales-kb@ahsay.com|sales-kb@ahsay.com]] to obtain a quotation for the AhsayCBS upgrade service.

User Tools

Site Tools

Differences

Page Tools