spectrumgtw probe "java debug wire protocol remote code execution" vulnerability CVE-2021-20032
search cancel

spectrumgtw probe "java debug wire protocol remote code execution" vulnerability CVE-2021-20032

book

Article ID: 249891

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

How to remediate "java debug wire protocol remote code execution" CVE-2021-20032 vulnerability?

Environment

Release : 20.4

Component : UIM - SECURITY VULNERABILITIES

Resolution

The workaround to remediate "java debug wire protocol remote code execution" CVE-2021-20032 vulnerability.

  1. Please install spectrumgtw-8.6.9-HF3

  2. Right-click on the spectrumgtw and select Edit
  3. update the Arguments section (remove red color argument and keep the existing green color argument )
    Existing like : -Xrunjdwp:transport=dt_socket,server=y,address=4321,suspend=n -jar  lib/spectrumgtw-8.6.9.jar
    Expected/fix : -jar  lib/spectrumgtw-8.6.9.jar

  4. Restart the probe.
  5. The Fix will be included in the next release of spectrumgtw probe.
Powered by Wolken Software