Java Agent 24.09 Vulnerabilities
search cancel

Java Agent 24.09 Vulnerabilities

book

Article ID: 388095

calendar_today

Updated On:

Products

DX Application Performance Management

Issue/Introduction

Below are the new vulnerabilities reported for Java agent 2024.09 patch:-

Component Name Component Version CVE (Vulnerability ID) Security Risk CVSS Score
Apache Tomcat 9.0.87 BDSA-2024-9919 HIGH 8.5
Apache Tomcat 9.0.87 BDSA-2024-9762 HIGH 8.8
Apache Tomcat 9.0.87 BDSA-2024-8736 MEDIUM 6.4
IBM MQ 9.3.2.0 CVE-2024-35156 MEDIUM 6.5
Spring Security 5.7.12 BDSA-2024-8942 MEDIUM 4.2
Logback 1.2.13 BDSA-2024-9866 MEDIUM 5.8
Logback 1.2.13 BDSA-2024-9861 MEDIUM 6.5
Spring Framework 5.3.37 BDSA-2024-8653 MEDIUM 4.9

Environment

 
DX Application Performance Management 24.2
 
JAVA AGENT 2024.09

Resolution

These are medium severity and will be fixed in next release 25.3 or 25.4.