Skip to first unread message
Tiago Fortunato Costa
Apr 19, 2022, 3:34:01 PM4/19/22
to AtoM Users
good afternoon everyone,
I would like to ask if the Spring4Shel vulnerability. Affects the ATOM.
Dan Gillean
Apr 20, 2022, 8:39:00 AM4/20/22
to ICA-AtoM Users
Hi Tiago,
Thanks for the question!
I've asked for an initial analysis from our Security expert, but we'll continue looking into this. However, so far I would say that if you are following AtoM's recommended installation instructions, this vulnerability should not impact AtoM. We do not use the Spring framework in AtoM, and we do not recommend Apache Tomcat for use as an application server (another prerequisite for the vulnerability).
As I said, we'll continue monitoring this, since AtoM does require Java to support Elasticsearch, but as of now there is no impact from Spring4Shell.
Cheers,
he / him
On Tue, Apr 19, 2022 at 3:34 PM Tiago Fortunato Costa <tiago.fo...@gmail.com> wrote:
good afternoon everyone, I would like to ask if the Spring4Shel vulnerability. Affects the ATOM.
--
You received this message because you are subscribed to the Google Groups "AtoM Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ica-atom-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ica-atom-users/b947e11c-a791-404f-acac-370d81bbb021n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages