CVE-2019-11628 : Security Advisory and Response

Discover the impact of CVE-2019-11628 on QlikView Server and Qlik Sense Enterprise. Learn about affected versions, exploitation risks, and mitigation steps to secure your systems.

A vulnerability has been identified in versions of QlikView Server and Qlik Sense Enterprise that could allow a user to bypass file read restrictions.

Understanding CVE-2019-11628

This CVE pertains to a security issue in QlikView Server and Qlik Sense Enterprise installations.

What is CVE-2019-11628?

CVE-2019-11628 is a vulnerability in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2, as well as in Qlik Sense Enterprise and Qlik Analytics Platform installations lacking specific patches.

The Impact of CVE-2019-11628

The vulnerability could allow an authenticated user to bypass intended restrictions on file reads by sending specially crafted browser requests.

Technical Details of CVE-2019-11628

This section provides more technical insights into the CVE.

Vulnerability Description

An issue was discovered in QlikView Server and Qlik Sense Enterprise installations that potentially enables authenticated users to bypass file-read restrictions through crafted browser requests.

Affected Systems and Versions

        QlikView Server versions before 11.20 SR19, 12.00, 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2
        Qlik Sense Enterprise and Qlik Analytics Platform installations without specific patches

Exploitation Mechanism

        Attack Complexity: High
        Attack Vector: Network
        Confidentiality Impact: High
        Integrity Impact: High
        Privileges Required: Low
        Scope: Changed
        User Interaction: None

Mitigation and Prevention

Protect your systems from CVE-2019-11628 with the following steps.

Immediate Steps to Take

        Apply the necessary patches: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3, September 2018 Patch 4, November 2018 Patch 4, or February 2019 Patch 2
        Monitor and restrict user access to sensitive files
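
The version and patch thresholds listed under Affected Systems and Versions and Immediate Steps to Take can be checked against an inventory. The following is an added example, not code from Qlik or from this page. It assumes version strings shaped like "12.10 SR9" and "June 2018 Patch 2", reads the advisory as meaning QlikView Server 12.00 is affected at every service release, and reports branches or releases the advisory does not name as "not listed" rather than guessing.

```python
import re

# Fixed service release (SR) per QlikView Server branch, taken from the advisory.
# None: the advisory names no fixed SR for 12.00 (assumed reading: all affected).
QLIKVIEW_FIXED_SR = {(11, 20): 19, (12, 0): None, (12, 10): 11,
                     (12, 20): 9, (12, 30): 2}

# First fixed patch per Qlik Sense release, taken from the advisory.
SENSE_FIXED_PATCH = {"february 2018": 4, "april 2018": 3, "june 2018": 3,
                     "september 2018": 4, "november 2018": 4, "february 2019": 2}


def check_qlikview(version):
    """Classify e.g. '12.10 SR9'; a missing SR suffix means the initial release."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\s+SR\s*(\d+))?\s*", version, re.I)
    if not m:
        return "unparsed"
    branch, sr = (int(m.group(1)), int(m.group(2))), int(m.group(3) or 0)
    if branch < (11, 20):
        return "affected"          # older than 11.20, so before 11.20 SR19
    if branch not in QLIKVIEW_FIXED_SR:
        return "not listed"        # branch the advisory does not mention
    fixed = QLIKVIEW_FIXED_SR[branch]
    return "affected" if fixed is None or sr < fixed else "fixed"


def check_sense(version):
    """Classify e.g. 'June 2018 Patch 2'; a missing Patch suffix means patch 0."""
    m = re.fullmatch(r"\s*([a-z]+)\s+(\d{4})(?:\s+Patch\s*(\d+))?\s*", version, re.I)
    if not m:
        return "unparsed"
    release = f"{m.group(1).lower()} {m.group(2)}"
    if release not in SENSE_FIXED_PATCH:
        return "not listed"        # release the advisory does not mention
    return "fixed" if int(m.group(3) or 0) >= SENSE_FIXED_PATCH[release] else "affected"


# Constructed sample inventory: (product, installed version string).
INVENTORY = [("qlikview", "11.20 SR18"), ("qlikview", "12.00 SR5"),
             ("qlikview", "12.30 SR2"), ("sense", "June 2018 Patch 2"),
             ("sense", "February 2019 Patch 2"), ("sense", "April 2019")]


def audit(inventory):
    """Return (product, version, status) for every inventory entry."""
    checks = {"qlikview": check_qlikview, "sense": check_sense}
    return [(p, v, checks[p](v)) for p, v in inventory]


if __name__ == "__main__":
    for product, version, status in audit(INVENTORY):
        print(f"{product:9} {version:24} {status}")
```

Entries reported as "not listed" or "unparsed" need a manual check against the vendor's release notes.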

Long-Term Security Practices

        Regularly update and patch your QlikView Server and Qlik Sense Enterprise installations
        Conduct security audits and assessments to identify vulnerabilities

Patching and Updates

        Ensure all systems are up to date with the latest patches and security updates
