FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Security vulnerability

stefanie_pachne
Dynatrace Participant
Dynatrace Participant

on ‎03 Oct 2022 04:04 AM - edited on ‎11 Oct 2022 03:48 AM by Community Team

This is a Self Service Diagnostics article of type Partial-Self-Service.

 

Self Service Summary

Issue Solution Tasks Alternative
A Dynatrace component is suspected to be vulnerable and you need more details

Get in touch with Support after preparing required information with your Security Team

 Open a Support Ticket and specify: Dynatrace component + version, vulnerability details, your required update (see below) Search within the Release Notes if you know proper key words

 

Support Ticket Content

Work with your Security Team to provide the following Self Service Diagnostics:

  1. Dynatrace component: Which component incl. version is suspected to be vulnerable (e.g. SaaS 1.240, Managed 1.240, OneAgent 1.240, ActiveGate 1.239, Dynatrace API 1.240, Cloud Automation 240.1.0)
  2. Vulnerability source and details: Describe how the vulnerability was found and attach if applicable:
    • Complete report/test result
    • CVE-#
    • Severity level or CVSS
    • Path to the affected library
    • Tool/scanner name
    • How to reproduce the security concern/pentest (e.g. attack vector, exploit)
  3. Required update: As a customer, I want to know e.g.
    • If I am affected
    • How I am affected
    • If it is of high severity
    • In which version it will be fixed
    • When the fix version will be available

 

Comments
ChadTurner
DynaMight Legend
DynaMight Legend
‎10 Jan 2023 05:57 AM

Great  template, thanks @stefanie_pachne 

New Article
Version history
Last update:
‎11 Oct 2022 03:48 AM
Updated by:
Community Team