cancel
Showing results for 
Search instead for 
Did you mean: 
SamPirok
Community Manager Community Manager
Community Manager

Summary

Extreme Networks has reviewed and evaluated product and software exposure to CVE-2022-22950.

In Spring Framework, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.

Products not listed in the Impact Details section have not been evaluated.  Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published.  Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.

Products Potentially Affected

Any version of Spring Framework prior to 5.3.17 or 5.2.20.

Please see the full security advisory here for more details. 
2 Comments
CraigW
New Contributor
Hi Sam

Any view as to when a repair recommendation will be available for XIQ-SE?

Kind regards
SamPirok
Community Manager Community Manager
Community Manager
Hi Craig, sorry for the delay here, I haven't been able to find anything definite here, but if you can open a support case with this question, they might be able to ring some bells I can't without a case. Sorry I couldn't be more helpful here.
GTM-P2G8KFN