Security Scanners Are Still Detecting CVE-2022-23302 Vulnerability in the AM Server Even After Upgrading to v8.6 Patch 3
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.6 Patch 3
Issue
/opt/rsa/am/appserver/wls/.patch_storage/34236279_Jun_2_2022_21_32_46/files/oracle.wls.core.app.server/12.2.1.4.0/wls.common.symbol/modules/oracle.owasp/com-bea-core-apache-log4j.jar Installed version : 1.2.17
/opt/rsa/am/appserver/wls/.patch_storage/34236279_Jun_2_2022_21_32_46/files/oracle.wls.libraries/12.2.1.4.0/wls.common.symbol/modules/com.bea.core.apache.log4j.jar Installed version : 1.2.17
Cause
Resolution
Related Articles
Upgrading to Authentication Manager 8.4 fails with the error message "Unable to delete file /opt/rsa/am/server/wrapper/bac… Number of Views How to enable verbose / debug logging on Authentication Manager, AM Web Tier v. 8.x Number of Views GUI shows initialization error "ORA-04063: package body "AVUSER.UTILITIES_PKG" has errors" after patching to 7.5.2 P07 in … Number of Views Indirect Relationship Processing fails with ORA-30926 and 'ORA-06512: at "AVUSER.CE_USERS" ' errors after Migration to 7.0… Number of Views RSA RADIUS Service stopped after upgrading to AM 8.6 Number of Views
Don't see what you're looking for?
