Summary
ESET development team for ESET Enterprise Inspector (EEI) has found an issue which can rapidly bring the EEI server database to an inconsistent state. The fixed version, 1.3.1128.0, is available for customers in order to prevent this from happening.
Details
The EEI development team has determined that EEI server corruption may occur over time, due to the possible overflow of ID variables in certain tables – in older versions of the EEI server. To check your EEI deployment, you can run SQL query:
SELECT max(moduleId) FROM modules SELECT max(ciId) FROM cloud_information;
If the returned values surpass the int32 max (2 147 483 647), this may lead to database corruption. To the best of our knowledge, there have been no reports of this issue from our customers yet.
Solution
We recommend that all EEI customers upgrade ESET Enterprise Inspector server deployments to the latest available version 1.3.1128.0. Once the server upgrade is complete, we recommend upgrading the agents to the most up-to-date version as well..
NOTE:
There is a previous version within the 1.3 branch (version 1.3.1124.0), which contains an unrelated bug that could cause a crash of the Agent under very specific conditions, which in turn means some events would not be sent to the Server. This is also fixed in version 1.3.1128.0 and thus we recommend upgrading to this version directly, skipping the 1.3.1124.0 build.
Affected programs and versions
- ESET Enterprise Inspector server v.1.2.894.0 and lower
Feedback & Support
If you have feedback or questions about this issue, please contact us using the ESET Security Forum, or via local ESET Support.
Version log
Version 1.0 (September 30, 2019): Initial version of this document