The following vulnerability was found with the AWI and commons-collections.jar vulnerabilities:
CVE-2015-6420 - https://nvd.nist.gov/vuln/detail/CVE-2015-6420 - automic.sso.jar:lib/commons-collections.jar, org.eclipse.osgi/xx/x/.cp/lib/commons-collections.jar
High risk/impact vulnerability with 3rd party .jar file
Release : 12.3
Component : AUTOMATION ENGINE
This will be resolved in a future release of 12.3 and version 21. It will be resolved by using an upgraded version of commons-collections.jar