ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Create e modernizzate le applicazioni aziendali utilizzando una tecnologia moderna
The leading solution for COBOL application modernization
Modernizzazione delle applicazioni, dei processi di consegna, dell'accesso e dell'infrastruttura mainframe IBM
Modernizzate l’accesso alle applicazioni host: più semplice da usare, integrare e gestire, e più sicuro
Conseguite l’interoperabilità dei sistemi in tutta l’azienda
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Sviluppo sicuro, test della sicurezza e monitoraggio e protezione continui
Augment human intelligence
Crittografia, tokenizzazione e gestione delle chiavi per la deidentificazione e la privacy
Un approccio integrato a Identity & Access Management
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
Rilevate le minacce note e sconosciute attraverso correlazione, acquisizione di dati e analisi
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Dedicarsi alla fornitura di esperienza dell’utente finale e service desk efficienti grazie al machine learning
La prima soluzione di monitoraggio autonoma e containerizzata per gli ambienti IT ibridi
Automatizzate e gestite reti tradizionali, virtuali e definite dal software
Scoperta e gestione degli elementi di configurazione (CI) in ambienti IT ibridi.
Semplificare l'evasione automatica e rafforzare la governance
Automatizzazione dei processi IT end-to-end
Manage IT & software assets for better compliance
Automatizzate il provisioning, l’installazione di patch e la conformità in tutto il data center
Costruzione, protezione e ridimensionamento dei processi aziendali automatizzati in tutta l'azienda
Ottenete informazioni utili dai big data con analisi in tempo reale e cercate i dati non strutturati.
Tutta la formazione Micro Focus in un unico punto
Acquisire le competenze necessarie per avere successo
Aumentate la velocità, eliminate i colli di bottiglia e migliorate continuamente la consegna dei software
ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Access all products in application delivery management
Modernizzate i principali sistemi aziendali per promuovere la trasformazione aziendale
Create e modernizzate le applicazioni aziendali utilizzando una tecnologia moderna
The leading solution for COBOL application modernization
Modernizzazione delle applicazioni, dei processi di consegna, dell'accesso e dell'infrastruttura mainframe IBM
Modernizzate l’accesso alle applicazioni host: più semplice da usare, integrare e gestire, e più sicuro
Conseguite l’interoperabilità dei sistemi in tutta l’azienda
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Access all products in Application Modernization & Connectivity
La sicurezza al centro di tutto quello che fate: operazioni, applicazioni, identità e dati
Sviluppo sicuro, test della sicurezza e monitoraggio e protezione continui
Augment human intelligence
Crittografia, tokenizzazione e gestione delle chiavi per la deidentificazione e la privacy
Un approccio integrato a Identity & Access Management
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
Rilevate le minacce note e sconosciute attraverso correlazione, acquisizione di dati e analisi
Access all products in CyberRes
Soluzioni legali, di conformità e privacy affidabili e comprovate
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Access all products in Information Management and Governance
Accelerate le operazioni del vostro reparto IT alla velocità di DevOps
Dedicarsi alla fornitura di esperienza dell’utente finale e service desk efficienti grazie al machine learning
La prima soluzione di monitoraggio autonoma e containerizzata per gli ambienti IT ibridi
Automatizzate e gestite reti tradizionali, virtuali e definite dal software
Scoperta e gestione degli elementi di configurazione (CI) in ambienti IT ibridi.
Semplificare l'evasione automatica e rafforzare la governance
Automatizzazione dei processi IT end-to-end
Manage IT & software assets for better compliance
Automatizzate il provisioning, l’installazione di patch e la conformità in tutto il data center
Costruzione, protezione e ridimensionamento dei processi aziendali automatizzati in tutta l'azienda
Access all products in IT Operations Management
Date forma alla vostra strategia e trasformate il vostro IT ibrido.
Ottenete informazioni utili dai big data con analisi in tempo reale e cercate i dati non strutturati.
Fornite al vostro team tutto il necessario per garantire le massime prestazioni alla vostra azienda
CVE Description: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Yes, and we have a robust, dedicated, full-time threat intelligence team with a Micro Focus-wide view, that is constantly reviewing new reports of vulnerabilities, threats, and compromises for possible impact to our information assets.
Micro Focus implements a Secure Development Lifecycle that includes Supply Chain Security, 3rd Party Component Manifest and 3rd Party Component Monitoring. Using these formal practices, we help ensure that 3rd party components are sourced from trusted repositories, scanned and tested, free of known CVEs, and signed to ensure authenticity. New vulnerabilities are scanned and tracked to ensure closure. Additionally, Micro Focus has scheduled rolling scans using a variety of tools to detect a wide variety of vulnerabilities. Vendor rule sets/signatures and code are typically scrutinized after a new vulnerability announcement. We continue to get updates from our security vendors and internal security community on the latest scanning techniques for CVE-2022-22965 and other vulnerabilities. We also take a risk-based approach to prioritizing which patches get applied first.
We are prioritizing CVE-2022-22965 alongside other patch efforts. We rank potential patches according to CVSS scoring, and also our own enhanced scoring system that takes additional data points into account. Configuration changes or patch installations require Quality Assurance analysis and testing prior to deployment to production systems to prevent unexpected service interruptions.
At present, we are not aware of any current indications of compromise related to CVE-2022-22965 or related vulnerabilities.
At present, we are not aware of any improper access or disclosure of customer data related to CVE-2022-22965 or any related vulnerabilities.
April 4, 2022
Micro Focus continues to monitor CVE-2022-22965 vulnerability closely and issues appropriate patches, security bulletins and communications to support our customers. As this is a still evolving situation we will monitor and actively address changes. Keep watching the Micro Focus Security Bulletins for any changes resulting from further industry analysis of this vulnerability. Micro Focus is committed to continue to provide prompt remediation if the situation develops further. We will periodically update this page to ensure you have the latest information on our status.
If you don’t see your product listed, please come back for updates. Please contact support if urgent.