search cancel

Vulnerability spring-core

book

Article ID: 200054

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management

Issue/Introduction

Vulnerability found in "spring-core-5.0.8.RELEASE.jar"

- Path vulnerability found:

Path: /opt/ca/data/Introscope10.7.0.45/APMSqlServer/repo/spring-core-5.0.8.RELEASE.jar
Installed version : 5.0.8.RELEASE
Fixed version     : 5.0.16

- CVE

https://tanzu.vmware.com/security/cve-2020-5398

Environment

Application Performance Management 10.7

Resolution

Hotfix 67 address this problem, please raise a ticket in https://support.broadcom.com/ and ask for that.