Interwoven Teamsite Vulnerabilities issues

Hi All ,

We got our Teamsite scanned for Vulnerabilities and they have identified 11 Vulnerabilities with respect to teamsite ,

We are using Teamsite 5.5 version and we only open deploy

I have attached the Vulnerabilities which they have identified , is there any way we can over come these Vulnerabilities from our side or do we have to get in touch with interwoven to do the same ,

Please advice !!!

Abhishek

Find more posts tagged with

Comments

Adam Stoller

Hi All ,

We got our Teamsite scanned for Vulnerabilities and they have identified 11 Vulnerabilities with respect to teamsite ,

We are using Teamsite 5.5 version and we only open deploy

I have attached the Vulnerabilities which they have identified , is there any way we can over come these Vulnerabilities from our side or do we have to get in touch with interwoven to do the same ,

Please advice !!!

Abhishek

I haven't bothered to look at your list - but given that 5.5 is long dead and no longer officially supported - getting in touch with [Autonomy] Interwoven will probably do you little good, unless you approach it from a request to find out if these vulnerabilities still exist in 6.7.2SP2+P1 or later.

Aghosh

Hi ,
Thanks for your quick response , actually i totally agree with you , i have recommended the Managment to upgrade to a new version of Teamsite , but they want to know , if there is any remote possibality to fix the issues in the present teamsite 5.5

Abhishek

nipper

Hi ,
Thanks for your quick response , actually i totally agree with you , i have recommended the Managment to upgrade to a new version of Teamsite , but they want to know , if there is any remote possibality to fix the issues in the present teamsite 5.5

Abhishek

There is NO chance to fix this. That version has been end of life for 5 years at least.

nipper

Also, what are you really trying to do ? TS is typically a behind-the-firewall application. From your list it appears you are running it through a security scan used by applications that may process credit card information.

sumitk

Our security team conducted TeamSite security testing and found out some of the issues which are mentioned in your list. Some were related to core TS code and some related to custom code. Most of the issues mentioned are fixed in 6.7.2 and we are on 6.5. So UPGRADE is the only solution to address these issues.

PS: I totally agree with nipper.We asked our security team that the application runs behind firewall and hence they can not apply some security testing methods on this product (XSS) and got some items closed Smiley Happy . See if you can bend their rules.

Cheers,

Sumit