pentest against AXES JVM

Use this Forum to post your “How to …” questions about your use of aXes. This is not a technical support forum. Both the aXes Support Team at LANSA and other aXes customers may answer your questions. LANSA cannot guarantee the accuracy of any information posted by customers.

Moderator: jeanmichel

Post Reply
jaimosky
Posts: 40
Joined: 30 May 2017, 16:48

pentest against AXES JVM

Post by jaimosky »

Hi,

has anybody perform a pentest againts an axes installations?
I performed one against Version 4.2.1.000.000000 and there are a couple of issues (with app.pentest-tools.com)

Vulnerabilities found for Moment.js 2.22.2 Risk level High Port / Protocol 443 / tcp
CVSS v3 CVSS v3: 7.5
EPSS EPSS: 0.04179
CVE-2022-31129
CVE-2022-24785

Vulnerabilities found for DataTables 1.10.13 Risk level High Port / Protocol 443 / tcp
CVSS v3 CVSS v3: 7.3
EPSS EPSS: 0.00931
CVE-2020-28458
CVE-2021-23445

Is it possible to get from axes patches for these vulnerabilities?
Top
Post Reply

Return to “"How do I do this"”