This is a Self Service Diagnostics article of type Partial-Self-Service.
Self Service Summary
Issue |
Solution |
Tasks |
Alternative |
A Dynatrace component is suspected to be vulnerable. |
Get in touch with Support after and checking cve-status.dynatrace.com
|
-
Check Dynatrace CVE status (Common Vulnerabilities and Exposures) page at cve-status.dynatrace.com for summaries of known vulnerabilities and exposures in Dynatrace components.
-
If no one else has reported the problem, create a support ticket.
|
Search CVE-# within the Release Notes |
Support Ticket Content
Work with your Security Team to provide the following Self Service Diagnostics:
- Dynatrace component: Which component incl. version is suspected to be vulnerable (e.g. SaaS 1.240, Managed 1.240, OneAgent 1.240, ActiveGate 1.239, Dynatrace API 1.240, Cloud Automation 240.1.0)
- Vulnerability source and details: Describe how the vulnerability was found and attach if applicable:
- Complete report/test result
- CVE-#
- Severity level or CVSS
- Path to the affected library
- Tool/scanner name
- How to reproduce the security concern/pentest (e.g. attack vector, exploit)
- Required update: As a customer, I want to know e.g.
- If I am affected
- How I am affected
- If it is of high severity
- In which version it will be fixed
- When the fix version will be available