Cybersecurity
DevOps Cloud
IT Operations Cloud
OpenText product name changes coming to the community soon! Learn more.
This article gives the details of the way to address the Java vulnerability detected on the Traffic server: OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15).
NNM iSPI Performance for Traffic 2022.05
Operating System: Linux
NNM iSPI Performance for Traffic is installed on a dedicated server
Database type: Embedded Postgres
The security scanner reported the following vulnerability on the NNM iSPI Traffic server:
Title: OpenJDK 8 <= 8u422 / 11.0.0 <= 11.0.24 / 17.0.0 <= 17.0.12 / 21.0.0 <= 21.0.4 / 23.0.0 <= 23.0.0 Multiple Vulnerabilities (2024-10-15) CVE ID: CVE-2024-21235 Threat: "The version of OpenJDK installed on the remote host is 8 prior to 8u422 / 11.0.0 prior to 11.0.24 / 17.0.0 prior to 17.0.12 / 21.0.0 prior to 21.0.4 / 23.0.0 prior to 23.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-10-15 advisory. Solution: Upgrade to an OpenJDK version greater than 8u422 / 11.0.24 / 17.0.12 / 21.0.4 / 23.0.0