Security scanner reports CVE-2023-7101 vulnerability on eDiscovery Platform server.

book

Article ID: 100076296

calendar_today

Updated On:

Description

Error Message

There is no error associated with this vulnerability.

Cause

Not Applicable.

Resolution

eDiscovery Platform does not make use of the file Spreadsheet::ParseExcel functionality as reported in the vulnerability. As a result eDiscovery Platform is not impacted by C:\PERL\perl\vendor\lib\Spreadsheet\ParseExcel.pm and no mitigation is required.

However, in order to prevent the security scanner from alerting on the file the file can be removed from the eDP server.

To remove the file perform the following:

Make a backup of the file.
Stop all eDP services
Then delete the file: C:\PERL\perl\vendor\lib\Spreadsheet\ParseExcel.pm

Issue/Introduction

Security scanner reports CVE-2023-7101 vulnerability on eDiscovery Platform server.

Spreadsheet::ParseExcel

location: C:\PERL\perl\vendor\lib\Spreadsheet\ParseExcel.pm

Vuln: Spreadsheet::ParseExcel RCE ( CVE-2023-7101 )

Current Version 0.65

Expected Version: 0.66

score: 7.8

Additional Information

JIRA: CFT-6913

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"