search cancel

Does vulnerability CVE-2022-42889 affects PAM ?

book

Article ID: 253574

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Is Vulnerability CVE-2022-42889 affecting Privileged Access Manager ?

Environment

Release : 4.0.x and 4.1 

Cause

Vulnerability investigation on PAM https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded

Resolution

Privileged Access Manager is NOT affected by this vulnerability as it is not using the vulnerable StringSubstitutor class

None of the PAM versions are affected.