Vunerability on ALM12.53 Server?

Question ID: 109260
1
0

Our Systems guys ran an enterprise  security audit and say we had a vulnerability (JBoss Enterprise Application Platform (EAP) Status Servlet Request Remote Information Disclosure) reported on one of our ALM servers. Have you encountered this before and have any recommendations for resolution?

Marked as spam
Posted by (Questions: 180, Answers: 13)
Asked on February 1, 2020 12:03 pm
15 views
Answers
1
Private answer

ALM does not use “JBOSS” any longer way back to v. 11.
Now it uses “JETTY”.

There is no way ALM threw this JBOSS vunerability.

Some old load of QC10 may have, though, but that is OUT of Support and very, very old.

Marked as spam
Posted by (Questions: 3, Answers: 454)
Answered on February 1, 2020 12:05 pm