For the protection of your environment, SolarWinds strongly recommends all customers upgrade to the latest available version of Database Performance Analyzer (DPA 2022.1.7779).
You can download the 2022.1.7779 Service Release of DPA from the SolarWinds® Customer Portal.
SolarWinds has previously published a security advisory related to vulnerabilities from Spring software that is packaged within all prior releases of Database Performance Analyzer.
The Spring4Shell vulnerability is a third-party vulnerability in the Spring Framework, which is a popular framework used by Java developers to build modern applications. The Spring Framework is owned by VMware.
DPA 2022.1.7779 replaces all Spring Framework files affected by the Spring4Shell vulnerability (CVE-2022-22965).
Please see more information about this vulnerability and our investigation in:
For more details on the DPA 2022.1.7779 Service Release itself, please review the following:
- DPA 2022.1.7779 Release Notes
- DPA 2022.1 System Requirements
- DPA 2022.1 Administrator Guide
- DPA Installation and Upgrade Guide