search cancel

CVE-2022-42889 - Agile Requirements Designer HUB

book

Article ID: 252551

calendar_today

Updated On:

Products

CA Agile Requirements Designer

Issue/Introduction

CVE-2022-42889 was published in the National Vulnerability Database on 13 October, 2022.  More information can be found here. 

The vulnerability is caused with the use of Apache Commons Text 1.5 through 1.9.  Is Agile Requirements Designer affected (ARD HUB) by this?

Environment

ARD HUB 3.x

Cause

Third Party Vulnerability

Resolution

Broadcom Engineering team has analyzed this vulnerability and found that ARD HUB is impacted by it.

The fix for this impact has been created and published in the ARD HUB 3.2.7 release which is available for download from support portal downloads section.

Direct Link(Needs support portal login):

- https://support.broadcom.com/group/ecx/productdownloads?subfamily=AGILE%20REQUIREMENTS%20DESIGNER