Hello,
I’ve got a question about TeamViewer CVE-2024-0819.
It seems to be included in the Enterprise Feed but not in the Community Feed.
Why is this the case?
Other TeamViewer vulnerabilities like CVE-2022-23242 are present in both.
Will be CVE-2024-0819 also included in the Community Feed?
Thanks
From time to time you will see products which have been covered in the community feed previously to be placed into the enterprise feed only at some later time.
This has also happened here and TeamViewer and similar remote support software will be only placed in the enterprise feed from now on (if not placed there already).
That’s not good to hear and weakens the Greenbone Community Edition in my opinion as TeamViewer is used in consumer environments as well and especially as there is no way to use the Greenbone Community Containers with the Enterprise Feed.
You should definitely consider to make the Enterprise Feed available (with a charge of course) for the Community Containers.
Best Regrads
Unfortunately such decisions are out of the reach of any Greenbone staff reading or answering in this forums.
Hopefully the person who decides will get reports from the team managing this forum.
Maybe you could give them some impressions on how to improve the product.
I am working for big companies (>5000 employees) and none of them will place a black box (Greenbone Appliance) in their racks.
It would really be a good idea to create an enterprise feed for those willing to pay.
On the opposite (at least for me when looking at a VT-Development level) a self build installation just using the enterprise feed would be actually such a black box (and not the Greenbone Appliance) i wouldn’t be able to support for any issues around VT problems (e.g. missing vulnerability detections due to own configuration / hardening on Linux / kernel side, …).
Fair point, but in a large scale computer center the administration offers controlled and managed access to docker environments, but not to the rack. To many things that must match, ILO, integration into monitoring, BTUs it is a colorful bunch of things that hast to match.
But unfortunately I am unable to invalidate your support argument. But as consequence they use a much weaker feed for 0€ while willing but unable to pay for an enterprise feed.
And that is all supported with your routing and switching infrastructure that is de facto a other X86_64 appliacne ? If you need the full feed working a appliance would still be the best and painless solution.
Just to be clear, this is not my point of view this is my experience when talking to the guys who are responsible.
In my reality they live with the weaker feed before adding hardware they do not know to their racks.