CVE-2022-32211 Questions

Geomas · July 3, 2022, 8:41am

Does CVE-2022-32211 affect version 4.7.0 of Rocket.Chat?

Also, how can one ascertain whether one’s Rocket.Chat server has been compromised?

Geomas · July 3, 2022, 11:21am

Additional questions:

What, if anything, can be done to mitigate the risk of this vulnerability short of updating Rocket.Chat?

I am presently unable to update Rocket.Chat owing to the problem I described here:

Would it be advisable to simply shut down my server?

dudanogueira · July 4, 2022, 11:49am

Hi!

You can always prevent external access. As you are running on a VPS, let’s try upgrading it

I have missed your last message, and have just answered it to something that may help.

Please, consider joining our Community Support Channel so others can also jump in and help you out. (Don’t forget to post the link to the forums so we can keep things in sync )

Thanks!

Geomas · July 5, 2022, 9:36am

I registered a new account on open.rocket.chat using the same user name as here. However, even after email address verification, when I attempt to log in, I receive “User not found or incorrect password” notice.

Topic		Replies	Views
Update from 4.7.0 to 4.8.1 Fails Community Support	2	765	July 5, 2022
DigitalOcean RocketChat 2.1 => 3.1.1 upgrade Community Support	3	2573	May 4, 2020
Rocket Chat upgrade 4.8.1 > 5.0.1 (error) Community Support	0	603	August 3, 2022
RocketChat suddenly fails to load (or stay running) Community Support	6	947	September 26, 2022
Upgrade Failure from 2.4.9 to 3.0.3 Community Support	1	2995	March 16, 2020

Join our Community Open Call tomorrow where we'll share more details regarding recent changes and answer questions about updating your workspace to the latest Rocket.Chat

CVE-2022-32211 Questions

Related Topics