Insurance company says we are running a vulnerable version of Serv-U
What steps have you taken to resolve the issue?
We have a site with DNS thru Cloudflare - proxied so the IP shows as Cloudflare. Clien’s insurance company for IT security is saying the site is running a vulnerable version of SolarWinds Serv-U which must be because of the use of Cloudflare - nothing else we use for hosting uses SolarWinds products. How can I assure the insurance company that Cloudflare is up-to-date on their use of SolarWinds products? Has anyone else run into this when using Cloudflare?
That won’t be from Cloudflare. It’s either a mis-indentification by the scanner or picked up from your end. You’ll need to get details of how they determined this from their scan.
Oh, thank you for that - the domain is actually another site, the form just required a URL so I used it, I’d prefer not to publicize the actual domain. Everything we use for monitoring is very mainstream (Uptime Robot, etc.) and at first check, they all say they do not use SolarWinds so I was hoping it might be inaccurate. I’ll ask them for more info on the actual scan process - thank you!