Hi Support,

Based on the URL, it affects solr version 8.8.2 or before.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27905

As from the document, solr v5.2.1 & v5.3 have been adopted.

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/4-5/third-party-software-acknowledgments.html

Can you please advise if any patch available for this CVE?

Thanks.

Release : 4.5

Component : API PORTAL

This does not really apply to portal. We are not exposing it outside of the stack and not using clustering or allow passing "masterUrl" (also "leaderUrl" alias) parameter. This container is scheduled to be removed in 5.1 as well