Query regarding impact of CVE-2026-24734 on Messaging Gateway
search cancel

Query regarding impact of CVE-2026-24734 on Messaging Gateway

book

Article ID: 432890

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Is Messaging Gateway affected by vulnerability stated in CVE-2026-24734?

Environment

10.9.2

Resolution

CVE-2026-24734

  • Referencing NIST: Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypassed.
  • SMG 10.9.2 is currently shipped with tomcat-9.0.97 which is NOT in the affected software versions range, hence is not impacted.
Powered by Wolken Software