CVE-2023-4863 with respect to Automic Automation and AAI
search cancel

CVE-2023-4863 with respect to Automic Automation and AAI

book

Article ID: 274566

calendar_today

Updated On:

Products

CA Automic Service Orchestration - Automation Engine

Issue/Introduction

CVE ID: CVE-2023-4863

CVE Synopsis: Heap buffer overflow in libwebp in Google Chrome and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

CVE details can be referenced at https://nvd.nist.gov/vuln/detail/CVE-2023-4863

Environment

Automation Engine version: 12.3.x and 21.0.x

Automation Analytics & Intelligence 6.5.X

Resolution

Broadcom R&D confirms that both the  Automic and AAI products and their components are not impacted by vulnerability CVE-2023-4863.