Is Dollar Universe affected by CVE-2019-17571 vulnerability
search cancel

Is Dollar Universe affected by CVE-2019-17571 vulnerability

book

Article ID: 231105

calendar_today

Updated On:

Products

CA Automic Dollar Universe

Issue/Introduction

CVE-2019-17571 vulnerability included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data.

Environment

Release : 6.x

Component : DOLLAR UNIVERSE

Resolution

CVE-2019-17571 is present in the log4j jar files we deliver.
But the product itself is not vulnerable to it, as we do not use this feature.

We do not listen at all to untrusted network traffic and we do not make usage of these code.

Additional Information

https://nvd.nist.gov/vuln/detail/CVE-2019-17571

Powered by Wolken Software