Meltdown and Spectre -Intel Flaws
Incident Report for Conga
Resolved
Resolved - Conga will continue to work with vendors to apply all applicable patches to all customer products and services as they become available. Conga's existing security controls mitigate all 3 of the currently known vulnerabilities and threat vectors.
Posted 5 months ago. Feb 23, 2018 - 17:21 MST
Monitoring
Conga is working to deploy the applicable patches to all customer products and services as they become available from vendors. However, Conga's existing security controls mitigate all 3 of the currently known vulnerabilities and threat vectors.

Products/Services:
CVE-2017-5712
Remotely exploitable - No systems are open to ports 16992/16993.

CVE-2017-5705
CVE-2017-5706
CVE-2017-5707
CVE-2017-5708
CVE-2017-5709
CVE-2017-5710
CVE-2017-5711
CVE-2017-5715
CVE-2017-5754
CVE-2017-5753
-Physical and logical access to OS level system components are protected via multiple layers of controls which prohibit malicious actors from executing physical or logical Operating kernel access.

Conga's Information Security team continues to monitor news and intelligence resources for additional information and will act upon a need to adjust our posture as necessary. Please send further questions to security@getconga.com
Posted 7 months ago. Jan 04, 2018 - 11:15 MST