Regarding the rsync vulnerability described in this link: https://access.redhat.com/security/cve/cve-2024-12084 .

In the Broadcom techdocs of the API Gateway  , it  reads that rsync service has the default status 'off' .

Could you confirm that no action is needed from our customers to mitigate this cve

gateway 11.1.1 on debian 12 

Gateway is not vulnerable as long as the rsync service is not enabled. 

This service is disabled by default on our appliance gateway based on Debian 12 .

Debian released a fix which will be in the next MPP patch