Not just the console. At a minimum, you need to upgrade the root server / web reports and the console to version 10.0.8. Ultimately, you will want to upgrade all of the core infrastructure (root server, console, relays, clients, webUI) to version 10.0.8.
HI @vishal … my apologies. The BES Support site (version 1475) update to address this CVE was released at the same time as the 10.0.8 platform release. So I got things mixed up. I’m requesting clarification as to whether or not the 3.2.2 release of the Notification Service addresses this issue (you might have to upgrade the service - however it was back in May) or a simple site update takes care of it.
Sorry , I am confused now . Could you pls let me know what service need to be updated and how … Let me know if need to raise a case with HCL to find out the solution .
Assuming you’ve gathered the latest site (#1475 - which it sounds like you have) and if either task # 2238 - Install Latest Notification Service (SHA256) or task # 2241 - Install Latest Notification Service (sha256 - RHEL) are relevant, then you’ll need to update the Notification Service by taking action on the appropriate task.