https://stoeps.de/tags/security/ Recent content in Security on Hugo -- gohugo.io en christoph.stoettner@stoeps.de (Christoph Stoettner) christoph.stoettner@stoeps.de (Christoph Stoettner) &copy; 2026 Christoph Stöttner - This work is licensed under [CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/) <span class='footerimg'><img src='https://mirrors.creativecommons.org/presskit/icons/cc.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'><img src='https://mirrors.creativecommons.org/presskit/icons/by.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'><img src='https://mirrors.creativecommons.org/presskit/icons/sa.svg' alt='' style='max-width: 1em;max-height:1em;margin-left: .2em;'></span> Fri, 26 Sep 2025 18:00:00 +0200 https://stoeps.de/posts/2025/hcl_connections_is_vulnerable_for_cve-2025-54988/ Fri, 26 Sep 2025 18:00:00 +0200 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2025/hcl_connections_is_vulnerable_for_cve-2025-54988/ <p>HCL published the <a href="https://support.hcl-software.com/csm?id=kb_article&amp;sysparm_article=KB0124266" target="_blank" rel="noreferrer">Security Bulletin: HCL Connections is affected by an XML External Entity (XXE) vulnerability in Apache Tika (CVE-2025-54988)</a> that Connections is also vulnerable for <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-54988" target="_blank" rel="noreferrer">CVE-2025-54988</a>!</p> https://stoeps.de/posts/2025/websphere_troubleshooting_disable_security/ Wed, 09 Apr 2025 21:00:00 +0200 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2025/websphere_troubleshooting_disable_security/ <p>Most of the LDAP connections from IBM WebSphere Application Server are configured with TLS. So you need to have the root certificate in the WebSphere truststore to connect.</p> https://stoeps.de/posts/2024/cve-2024-23557/ Sun, 21 Apr 2024 17:30:00 +0200 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2024/cve-2024-23557/ <p>Some time back, I stumbled upon a flaw in HCL Connections 7 and 8 that allowed for user enumeration. This flaw could be exploited by anonymous users.</p> https://stoeps.de/posts/2022/update-elasticsearch-certificates/ Fri, 02 Sep 2022 13:00:00 +0200 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2022/update-elasticsearch-certificates/ <p>Elasticsearch in HCL Connections Componentpack is secured with Searchguard and needs certificates to work properly. These certificates are generated by <a href="https://help.hcltechsw.com/connections/v7/admin/install/cp_install_services_tasks.html?hl=bootstrap#cp_install_services_tasks__section_iqb_24c_qmb" target="_blank" rel="noreferrer">bootstrap</a> during the initial container deployment with <code>helm</code>.</p> <p>These certificates are valid for 10 years (<code>chain_ca.pem</code>) or 2 years (<code>elasticsearch*.pem</code>) and stored in the Kubernetes secrets <code>elasticsearch-secret</code>, <code>elasticsearch-7-secret</code>. So when your HCL Connections deployment is running for 2 years, the certficates stop working.</p> https://stoeps.de/posts/2022/videostreaming_in_hcl_connections/ Mon, 07 Mar 2022 14:50:00 +0100 christoph.stoettner@stoeps.de (Christoph Stoettner) https://stoeps.de/posts/2022/videostreaming_in_hcl_connections/ <p>In late 2021 I had an HCL Connections environment starting swapping, because the AppCluster used more than 30 GB of memory.</p> <p>The system has</p> <ul> <li>two nodes</li> <li>is installed with the medium-sized deployment option</li> <li>About 7500 users with a high adoption rate, because Connections is also used as intranet</li> </ul>