Are AAI(JAWS) and any AAI Connectors affected by these vulnerabilities vulnerabilities below?
https://tanzu.vmware.com/security/cve-2022-22963
https://tanzu.vmware.com/security/cve-2022-22965
https://tanzu.vmware.com/security/cve-2022-22950
6.4.2-1 and earlier.
AAI and all Framework based connectors, such as the Automic, ESP, and Control-M connectors, are impacted by the CVE-2022-22950(Medium threat level) vulnerability, but not the CVE-2022-22965(Critical) and CVE-2022-22963(Critical) vulnerabilities.
The AAI Engineering team is aware of these vulnerabilities actively working on a resolution for all affected components.
Please check these document for updates as we will be updating it as more information becomes available.
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/20441