[CA7318] Upgrade to the latest version of ESET Enterprise Inspector to avoid possible database inconsistency

ESET Customer Advisory 2019-0016
September 30, 2019
Severity: High

Summary

ESET development team for ESET Enterprise Inspector (EEI) has found an issue which can rapidly bring the EEI server database to an inconsistent state. The fixed version, 1.3.1128.0, is available for customers in order to prevent this from happening.

Details

The EEI development team has determined that EEI server corruption may occur over time, due to the possible overflow of ID variables in certain tables – in older versions of the EEI server. To check your EEI deployment, you can run SQL query:

SELECT max(moduleId) FROM modules SELECT max(ciId) FROM cloud_information;

If the returned values surpass the int32 max (2 147 483 647), this may lead to database corruption. To the best of our knowledge, there have been no reports of this issue from our customers yet.

Solution

We recommend that all EEI customers upgrade ESET Enterprise Inspector server deployments to the latest available version 1.3.1128.0. Once the server upgrade is complete, we recommend upgrading the agents to the most up-to-date version as well..

NOTE:

There is a previous version within the 1.3 branch (version 1.3.1124.0), which contains an unrelated bug that could cause a crash of the Agent under very specific conditions, which in turn means some events would not be sent to the Server. This is also fixed in version 1.3.1128.0 and thus we recommend upgrading to this version directly, skipping the 1.3.1124.0 build.

Affected programs and versions

  • ESET Enterprise Inspector server v.1.2.894.0 and lower

Feedback & Support

If you have feedback or questions about this issue, please contact us using the ESET Security Forum, or via local ESET Support.

Version log

Version 1.0 (September 30, 2019): Initial version of this document