Is Empower impacted by CVE-2022-22965 - Spring Java framework zero-day vulnerability? - WKB230892
Article number: 230892
ENVIRONMENT
- Empower
- Spring Java framework (Spring4Shell)
- CVE-2022-22965
ANSWER
No, Empower is not a Java-based application. Empower is not affected by CVE-2022-22965 - Spring Java framework zero-day vulnerability.
- WDM is the only Java-based component of Empower.
- WDM does not use Tomcat HTTP (web) server. (Tomcat web server is a prerequisite to exploit this CVE.)