Customer reported potential security vulnerability in AXA servers (heap dump) with Spring Boot framework.

search cancel

Customer reported potential security vulnerability in AXA servers (heap dump) with Spring Boot framework.

book

Article ID: 199877

calendar_today

Updated On:

Products

CA Application Performance Management SaaS

Issue/Introduction

Customer reported potential security vulnerability in AXA servers (heap dump) with Spring Boot framework.

Environment

APM SAAS 20.1

Cause

###Vulnerable_URL: (Cloud URL found in the latest Android version of customer app)
https://collector-axa.cloud.ca.com/heapdump

Resolution

Our dev team was aware of the problem and planned to included a fix in the next release. As for the other potential security vulnerability in AXA SDK, the fix plan is still being discussed and prioritized for a future release.

Feedback

thumb_up Yes

thumb_down No