CVE-2023-48365: Critical Qlik Sense Enterprise Flaw Allows Unauthenticated RCE

In the realm of data analytics and business intelligence, Qlik Sense Enterprise stands as a prominent tool, empowering organizations to visualize and interpret complex information. However, a critical security vulnerability affecting Qlik Sense Enterprise has been identified and classified as CVE-2023-48365 (CVSS score of 9.6). This vulnerability, if exploited, could allow remote attackers to execute arbitrary code on vulnerable systems, potentially compromising sensitive data and disrupting operations.


Unveiling the HTTP Tunneling Vulnerabilities

The primary vulnerability, CVE-2023-48365, stems from inadequate validation of HTTP headers. This flaw enables remote attackers to exploit the system by tunneling HTTP requests, essentially gaining unauthorized access to the backend server hosting the repository application. This access grants attackers the power to execute arbitrary commands, potentially compromising sensitive data and disrupting critical operations.

The Ripple Effect of CVE-2023-41265

The impact of CVE-2023-48365 is further exacerbated by the existence of its predecessor, CVE-2023-41265. This vulnerability, though addressed in some Qlik Sense Enterprise versions, remains a threat for users operating on outdated patches. The incomplete resolution of CVE-2023-41265 has created a persistent entry point for attackers, leaving organizations vulnerable to exploitation.

Affected Versions and Mitigation Strategies

The vulnerabilities affect all versions of Qlik Sense Enterprise for Windows prior to August 2023 Patch 2. To safeguard against these threats, Qlik has released patched versions for affected releases:

  • August 2023 Patch 2
  • May 2023 Patch 6
  • February 2023 Patch 10
  • November 2022 Patch 12
  • August 2022 Patch 14
  • May 2022 Patch 16
  • February 2022 Patch 15
  • November 2021 Patch 17

A Call to Action for Qlik Sense Enterprise Users

In light of these critical vulnerabilities, Qlik Sense Enterprise users must prioritize immediate action. Upgrading to the patched versions is the most effective defense against these threats. Additionally, organizations should implement robust cybersecurity practices, including regular vulnerability scanning and patching, to maintain a resilient security posture.