2 Replies Latest reply on Feb 25, 2016 11:05 AM by fedchoice

    Apache Flex BlazeDS XXE Injection Risk

    fedchoice

      according to Support: "Apache Flex BlazeDS XXE Injection"
      We have implemented a fix for an XXE vulnerability to LEM 6.2.0 HotFix 2 and we suggest upgrading and performing the scan again. We recommend upgrade to version LEM 6.2.1 which include Hotfix2 and few other fixes. If the problem persists, please let us know.

      we have upgraded LEM to 6.2.1 a couple of months ago but still our vulnerability scan picking this up.

      anyone has seen this lately?

       

      Thank you,