The following vulnerability was found with the AWI and httpclient.jar files:
CVE-2020-13956 - https://nvd.nist.gov/vuln/detail/CVE-2020-13956 - automic.sso.jar:lib/httpclient.jar, org.eclipse.osgi/xx/x/.cp/lib/httpclient.jar - affects versions prior to 4.5.13 and 5.0.3
Medium risk/impact vulnerability with 3rd party .jar file
Release : 12.3
Component : AUTOMATION ENGINE
As CVE-2020-13956 (httpclient.jar) is a medium risk vulnerability, this will not be fixed in 12.3 or future releases. If there's a specific use case that can be shown that presents a security risk, please open a case with Support with steps to reproduce and impact of the security risk and a fix can be re-visited.