UIM vulnerability for apache CVE-2022-42252
search cancel

UIM vulnerability for apache CVE-2022-42252

book

Article ID: 259942

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM) CA Unified Infrastructure Management On-Premise (Nimsoft / UIM)

Issue/Introduction

Would like to know if UIM is affected by CVE-2022-42252 

CVE-2022-42252

 

 

Environment

Release : UIM 20.4.x

Resolution

As we are not using the rejectIllegalHeader in wasp UIM  is not vulnerable . 

As wasp being used is on version 9.0.68 in UIM 20.4 CU5 or above versions, customer can consider upgrading to latest version of UIM if using lower UIM /OC versions 

Powered by Wolken Software