Cybersecurity
DevOps Cloud
IT Operations Cloud
This article gives the details of the way to address the Java vulnerability detected on the Traffic server: OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15).
NNM iSPI Performance for Traffic 2022.05
Operating System: Linux
NNM iSPI Performance for Traffic is installed on a dedicated server
Database type: Embedded Postgres
The security scanner reported the following vulnerability on the NNM iSPI Traffic server:
Title: OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15) CVE ID: CVE-2024-21235 Threat: "The version of OpenJDK installed on the remote host is 8 prior to 8u422 / 11.0.0 prior to 11.0.24 / 17.0.0 prior to 17.0.12 / 21.0.0 prior to 21.0.4 / 23.0.0 prior to 23.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-10-15 advisory. Solution: Upgrade to an OpenJDK version greater than 8u422 / 11.0.24 / 17.0.12 / 21.0.4 / 23.0.0