AnsweredAssumed Answered

Has CA Reliscenced the latest version of HP/Autonomy's KeyView?

Question asked by Beeks on Jun 21, 2014
Latest reply on May 19, 2015 by ANDA_15

Like • Show 0 Likes0
Comment • 8

http://www.kb.cert.org/vuls/id/849841

Since CA DLP 14.0, Keyview has been a known vulnerability, and I have not seen any documentation from CA indicating that they have taken any positions, or have upgraded their licensed versions of kvoop for any future releases. Can anyone from CA post to prove that they are compliant with the latest patches to kvoop and are public ally compliant?

Me, personally, I have seen Kvoop just go crazy on policy engines, while choking on certain attachments.

I would appreciate any public information on to the current state of licensing and version information for current builds. It has been confirmed that 14.0+ was affected.

No one else has this question

Outcomes

8 Replies

devan05 Jun 25, 2014 12:15 PM
Mark Correct
Correct Answer
Beeks,

CA DataMinder Engineering are aware of this reported vulnerability.

CA will provide further feedback to the communities and user base when they have fully assessed the situation.

Regards
Andy Devine
Snr. Support Engineer
Like • Show 0 Likes0
Actions
- Beeks @ devan05 on Jun 26, 2014 1:12 AM
  Mark Correct
  Correct Answer
  Thanks, Andy.
  
  It's been 3 years and 2 weeks since the vulnerability has been made public, please keep the community in the loop if any advancements occur. If you check the versions on the kvoop dll's and exe's, they are way older than the initial release of the vulnerability. Personally, I have had occasional occurrences where policy engines have gone wild, with no detail logged at all when set to the highest log levels. It's been frustrating to a few of my clients so far, and we would appreciate any forward progress. (Note, each time kvoop has pegged all cores 100% for many minutes at a time, even while being throttled for incoming requests by a PE hub. Kvoop had to be killed, and as a result a message was not processed through policy.)
  
  -Beeks.
  Like • Show 0 Likes0
  Actions
  - devan05 @ Beeks on Jun 26, 2014 7:36 AM
    Mark Correct
    Correct Answer
    Beeks,
    
    Thanks for adding your observations. We will keep the communities in the loop as things progress.
    
    Regards
    Andy Devine
    Snr Support Engineer
    Like • Show 0 Likes0
    Actions
    - Beeks @ devan05 on Jul 24, 2014 12:50 AM
      Mark Correct
      Correct Answer
      Andy,
      
      Thanks. I have had another occurrence where a PE went crazy with kvoop wreaking havoc on a system, and of course, no logs to report. From my discussions with HP/Autonomy, kvoop needs to be re-licensed annually. Perhaps then, we can get some security fixes?
      
      -Beeks.
      Like • Show 0 Likes0
      Actions
      - devan05 @ Beeks on Aug 12, 2014 9:51 AM
        Mark Correct
        Correct Answer
        CA DataMinder Engineering has now released a later version of Keyview for CA DataMinder r14.5 and r14.6. This fix updates the Keyview libraries to release 10.21 which does not contain any known vulnerabilities.
        
        The fixes are available to download via the CA Support Portal or via the direct link below;
        
        14.5 FIX:RO72628
        14.6 FIX:RO72625
        
        Regards
        Andy Devine
        Snr. Support Engineer
        Like • Show 0 Likes0
        Actions
        Beeks @ devan05 on Aug 13, 2014 12:34 AM
        Mark Correct
        Correct Answer
        Andy,
        
        Awesome!!! I was not expecting this, thanks for pushing Engineering to finally get this fix out. Much appreciated! Can't wait to spread the word to my clients, but its unfortunate that a 14.1 version wasn't released. I understand EOL though.
        
        I have two questions.
        
        1. Is it possible to post (or email me) the changelog for KeyView in the new version?
        2. Can you elaborate on the reasoning as to why this hotfix isn't a click and go solution? One of my clients isn't going to be happy that installation of the client endpoint on 9000+ workstations requires repacking the hotfix to include additional scripting to rename the keyview directory, if I've understood the installation instructions correctly.
        
        Anyway, thanks again!
        Like • Show 0 Likes0
        Actions
        devan05 @ Beeks on Aug 14, 2014 11:11 AM
        Mark Correct
        Correct Answer
        Beeks,
        
        Answers to your questions below:
        
        Q1. Is it possible to post (or email me) the changelog for KeyView in the new version?
        A1. Please provide an e-mail address and I will forward this information, alternatively download the hotfix and review. All Keyview specific components are version 10.21.0.0.
        
        Q2. Can you elaborate on the reasoning as to why this hotfix isn't a click and go solution? One of my clients isn't going to be happy that installation of the client endpoint on 9000+ workstations requires repacking the hotfix to include additional scripting to rename the keyview directory, if I've understood the installation instructions correctly
        
        A2. The Fix release strategy is publsihed on the CA DataMinder Pages of the CA Support Portal, but can be accessed via the link below:
        
        CA DataMinder/DLP Fix Strategy
        
        Regards
        Andy Devine
        Snr Support Engineer.
        CA DataMinder Team
        Like • Show 0 Likes0
        Actions
        ANDA_15 @ devan05 on May 19, 2015 11:40 AM
        Mark Correct
        Correct Answer
        Hi Andy,
        Please I'm having this error when updating keyview and applying fix RO72625 in windows 2008R2 server.
        
        I followed upgrade guide but it fails.
        
        Kind regards.
        Youssef Laaguid
        Like • Show 0 Likes0
        Actions

Has CA Reliscenced the latest version of HP/Autonomy's KeyView?

Outcomes

Related Content

Recommended Content