Skip to main content
Kofax

Is Kofax RPA impacted by the CVE-2022-22965 RCE Vulnerability?

Article # 3041780 - Page views: 850

Question

Is Kofax RPA impacted by the CVE-2022-22965 RCE (Spring4Shell) Vulnerability?

Answer

Kofax RPA has a set of patches to address this vulnerability. Please select the one for your Kofax RPA version:

Version Fix (download link)
10.4.0.x - 11.0.0.x KofaxRPA-10.4.0.x-11.0.0.x.FIX1793157.zip
11.1.0.x KofaxRPA-11.1.0.x.FIX1793157.zip
11.2.0.x KofaxRPA-11.2.0.x.FIX1793157.zip

 

Please note that only installation on Tomcat is affected as stated in the CVE article "The specific exploit requires the application to run on Tomcat as a WAR deployment"

https://cve.mitre.org/cgi-bin/cvenam...CVE-2022-22965

 

Please check this article regularly for future progress of this investigation. 

 

Level of Complexity 

Moderate

 

Applies to  

Product Version Build Environment Hardware
Kofax RPA 10.4 and later      

References

Add any references to other internal or external articles

 

Article # 3041780
  • Was this article helpful?