search cancel

CVE-2022-42889 and CA Config Automation

book

Article ID: 252499

calendar_today

Updated On:

Products

CA Configuration Automation

Issue/Introduction

CVE-2022-42889 was published in the National Vulnerability Database on 13 October,, 2022.  More information can be found here

The vulnerability is caused by the use of Apache Commons Text 1.5 through 1.9. 

 

Is CA Configuration Automation affected by this?

Environment

All versions of CA Configuration Automation (CA Configuration Automation)

Resolution

2022-10-19: Broadcom Support and Engineering are looking into this on priority.  Please check back on this article regularly for updates.