search cancel

DX Netops Spectrum: Java Vulnerabilties (Unix April 2022 CPU)

book

Article ID: 240859

calendar_today

Updated On:

Products

CA Spectrum DX NetOps

Issue/Introduction

159974 Oracle Java SE Multiple Vulnerabilities (Unix April 2022 CPU) CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496
159948 OpenJDK 7 <= 7u331 / 8 <= 8u322 / 11.0.0 <= 11.0.14 / 13.0.0 <= 13.0.10 / 15.0.0 <= 15.0.6 / 17.0.0 <= 17.0.2 / 18.0.0 <= 18.0.0 Multiple Vulnerabilities (2022-04-19 CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496

 

161241 Oracle Java SE Multiple Vulnerabilities (Unix April 2022 CPU) CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496

Environment

Release : 21.2

Component : Spectrum OneClick

 

Cause

"Plugin Output: 
  Path              : Install-Tools/jre11/
  Installed version : 11.0.14
  Fixed version     : Upgrade to version 11.0.15 or greater" The remote host is affected by multiple vulnerabilities. "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory

Apply the appropriate patch according to the April 2022 Oracle Critical Patch Update advisory. CVE-2022-21426,CVE-2022-21434,CVE-2022-21443,CVE-2022-21449,CVE-2022-21476,CVE-2022-21496"

 

Resolution

Broadcom has shipped build 11.0.16+8 in release 22.2.2

[[email protected] bin]# pwd
/usr/Spectrum/Install-Tools/jre11/bin
[[email protected] bin]# ./java -version
openjdk version "11.0.16" 2022-07-19
OpenJDK Runtime Environment Temurin-11.0.16+8 (build 11.0.16+8)
OpenJDK 64-Bit Server VM Temurin-11.0.16+8 (build 11.0.16+8, mixed mode)

 

Please upgrade to the latest available version to insure your security is at the highest level.

Additional Information