ApplicationXtender - Spring4Shell vulnerability

ApplicationXtender - Spring4Shell vulnerability

 

Applies to

  • ApplicationXtender Connector 16.3, 16.6

  • ApplicationXtender Connector for ShareScan OP 16.3

  • ApplicationXtender Desktop 16.3, 16.6, 20.3, 20.4

  • ApplicationXtender for Office 16.3

  • ApplicationXtender Image Capture 16.3, 16.6, 20.3

  • ApplicationXtender License Server 16.3, 16.6

  • ApplicationXtender Reports Management 16.3

  • ApplicationXtender SDK 16.3, 16.6, 20.3

  • ApplicationXtender Storage Retention Mgmt 16.3, 16.6, 20.3, 20.4

  • ApplicationXtender Web Access.NET 16.3

  • ApplicationXtender Web Services 16.3, 16.6, 20.3

  • ApplicationXtender Workflow Manager 16.3, 16.6

  • Ascent Enhanced Script for ApplicationXtender 16.3

 

Summary

Is ApplicationXtender susceptible to the Spring4Shell vulnerability reported in CVE-2022-22965?

 

Resolution

ApplicationXtender core components are not affected by the Spring4Shell vulnerability as the Spring Framework third-party component is not in use within the product.

 

CASO Knowledge Base