SV: Qualys - Spring Framework CM - vulnerabilities.
Article ID: 282232
Updated On:
Products
Service Virtualization
Issue/Introduction
Spring core vulnerabilities were found in the following Devtest install paths
| /opt/apps/devtest/lib/dradis/spring-core-5.3.20.jar;;/opt/apps/devtest/lib/shared/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/broker/solrservice/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/phoenix/phoenix-10.7.2/WEB-INF/lib/spring-core-5.3.20.jar;;/opt/apps/devtest/webserver/phoenix/res-hub-10.7.2/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/webapps/jasper-server/WEB-INF/lib/spring-core-5.3.20.jar;;/opt/apps/devtest/webserver/webapps/lisa-pathfinder-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/webapps/lisa-test-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/webapps/lisa-virtualize-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/lib/dradis/spring-core-5.3.20.jar;;/opt/apps/devtest/webserver/webapps/jasper-server/WEB-INF/lib/spring-core-5.3.20.jar;;/opt/apps/devtest/webserver/webapps/lisa-pathfinder-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/webapps/lisa-test-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/lib/shared/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/webapps/lisa-virtualize-invoke/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/phoenix/res-hub-10.7.2/WEB-INF/lib/spring-core-5.3.24.jar;;/opt/apps/devtest/webserver/phoenix/phoenix-10.7.2/WEB-INF/lib/spring-core-5.3.20.jar;;/opt/apps/devtest/lib/shared/spring-core-5.3.24.jar;;/opt/apps/devtest/lib/shared/spring-core-5.3.24.jar |
Environment
10.7.2 SP2
Cause
Spring core vulnerability
Resolution
This is fixed in SP4 and up.
Please download the Service pack from the link below:
Feedback
Yes
No
Powered by
