CVE-2023-41265

Name of the Vulnerable Software and Affected Versions Qlik Sense Enterprise for Windows versions May 2023 Patch 3 and earlier Qlik Sense Enterprise for Windows versions February 2023 Patch 7 and earlier Qlik Sense Enterprise for Windows versions November 2022 Patch 10 and earlier Qlik Sense Enterprise for Windows versions August 2022 Patch 12 and earlier

Description An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. This allows them to send requests that get executed by the backend server hosting the repository application. The vulnerability is related to insufficient handling of HTTP requests. It has been exploited in real-world attacks, including the Cactus Ransomware campaign, to gain initial access and install ransomware.

Recommendations For Qlik Sense Enterprise for Windows versions May 2023 Patch 3 and earlier, update to May 2023 Patch 4 or later. For Qlik Sense Enterprise for Windows versions February 2023 Patch 7 and earlier, update to February 2023 Patch 8 or later. For Qlik Sense Enterprise for Windows versions November 2022 Patch 10 and earlier, update to November 2022 Patch 11 or later. For Qlik Sense Enterprise for Windows versions August 2022 Patch 12 and earlier, update to August 2022 Patch 13 or later. As a temporary workaround, consider restricting access to the vulnerable HTTP request handling mechanism until a patch is available.