Spring4Shell, CVE-2022-22963 & CVE-2022-22950 impact on FlexNet Publisher

Spring4Shell, CVE-2022-22963 & CVE-2022-22950 impact on FlexNet Publisher

Query: 

A vulnerability identified as Spring4Shell, CVE-2022-22963 & CVE-2022-22950 has been reported recently however is Flexnet publisher using the spring framework or if there is any impact on these vulnerabilities? 

Answer:

No, FNP does not use the spring framework so there is no impact due to the recent Spring4Shell vulnerability. 


References:

  1. https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
  2. https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/
  3. https://www.contrastsecurity.com/security-influencers/new-spring4shell-vulnerability-confirmed-what-it-is-and-how-to-be-prepared
  4. https://tanzu.vmware.com/security/cve-2022-22950
  5. https://tanzu.vmware.com/security/cve-2022-22963

 

Was this article helpful? Yes No
No ratings
Version history
Last update:
‎Mar 31, 2022 11:11 AM
Updated by:
Contributors