Spring Framework vulnerabilities (CVE-2022-22965, CVE-2022-22963)
Scheduled Maintenance Report for ControlUp Status Page
The scheduled maintenance has been completed.
Posted Apr 14, 2022 - 09:39 UTC

Following the discovery of Spring Framework vulnerabilities (CVE-2022-22965, CVE-2022-22963) from the 29th of March 2022, we conducted a full investigation and concluded that there is no vulnerable Spring Framework installed on any of our ControlUp systems.

We can confirm that no Spring Framework vulnerabilities exist on any of our customer installed components and products:

o Real-Time DX Agent

o Real-Time DX Console

o Real-Time DX Monitor Service

o Real-Time DX On-Premises Server (COP)

o Insights On-Premises (IOP)

o Solve On-Premises (SOP)

o Remote DX Plug-ins

o Edge DX Agent

o Scoutbees Custom Hive

If you have any questions, please contact us via support@controlup.com.
Posted Apr 14, 2022 - 09:26 UTC