ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Which Automic Components can be impacted by the vulnerabilities CVE-2022-21476/CVE-2022-21449
Article ID: 240357
Updated On:
Products
CA Automic Workload Automation - Automation Engine
Issue/Introduction
Are there any recomendations whether and which Automic Components can be impacted by the above vulnerabilities?
OpenJDK Vulnerability Advisory: 2022/04/19 (java.net)
https://www.oracle.com/security-alerts/cpuapr2022.html
We use currently AdoptOpenJDK 11.0.9 for all our components.
Environment
Release : 12.3.8
Component :
Resolution
Automic will not have any impact related to this. It only impacts Oracle Java directly - You need to reach out to Oracle about impact and mitigation at oracle side.
It's a java vulnerability - solution will be an updated java version, but openjdk seems only affected by one of them in versions 8/11
https://openjdk.java.net/groups/vulnerability/advisories/2022-04-19
Feedback
Yes
No
Powered by
