search cancel

Customer reported potential security vulnerability in AXA servers (heap dump) with Spring Boot framework.

book

Article ID: 199877

calendar_today

Updated On:

Products

CA Application Performance Management SaaS

Issue/Introduction

Customer reported potential security vulnerability in AXA servers (heap dump) with Spring Boot framework.

Environment

APM SAAS 20.1

Cause

###Vulnerable_URL:  (Cloud URL found in the latest Android version of customer app)
https://collector-axa.cloud.ca.com/heapdump

Resolution

Our dev team was aware of the problem and planned to included a fix in the next release.  As for the other potential security vulnerability in AXA SDK, the fix plan is still being discussed and prioritized for a future release.