DX NFA CVE-2024-22243 Spring Framework Vulnerability


Article ID: 367318


Updated On:

Products

CA Network Flow Analysis (NetQos / NFA)

Issue/Introduction

DX Network Flow Analysis may be flagged for CVE-2024-22243 Spring Framework Open Redirect Vulnerability.

 

Environment

NFA Console and Harvester 23.3.9 and prior.

Cause

NFA Console Migrator uses Spring Framework 5.3.20.
NFA Console Service: OData uses Spring Framework 5.3.27.
NFA Console Services: SSO & RIB use Spring Framework 5.3.28.
NFA Harvester Services use Spring Framework 5.3.20.

Resolution

We have an open Feature, F144397, to get this resolved, and we are currently targeting NFA 23.3.10 for all NFA fixes. However, the SSO code will likely not see a resolution until 23.3.12.

Additional Information

A DX NetOps Capability, C19881, has been opened to address the rest of DX NetOps.