DLP Vulnerability Assessment for CVE-2024-38816 and CVE-2024-38819
Article ID: 377848
Updated On:
Products
Data Loss Prevention
Issue/Introduction
Need Vulnerability Assessment for CVE-2024-38816
And for CVE-2024-38819.
(This is similar to CVE-2024-38816, but with different input.)
Both reference Path traversal vulnerability in functional web frameworks
Environment
DLP 15.x
DLP 16.x
Resolution
DLP does not use either of the affected frameworks: WebMvc.fn nor WebFlux.fn.
We don't serve paths (or anything else ) with WebFlux.fn or WebMVC.fn.
Additionally, DLP uses Tomcat which blocks this type of malicious request.
Feedback
Yes
No
Powered by
