Indeni’s response to Spring4Shell 

On March 29th, 2022, a remote code execution vulnerability in Spring Cloud Foundation was published. The vulnerability is known as Spring4Shell, tracked as CVE-2022-22965. Researchers believe that the vulnerability affects Spring Core on JDK (Java Development Kit) 9 and above. Today, the vulnerability was upgraded to critical. 

Our engineering team was immediately engaged and confirmed that Indeni is not vulnerable to this issue. The Indeni product does not use JDK 9, nor springframework. If you have additional questions related to Spring4Shell, please do not hesitate to contact us. 


An avatar of the author

Ulrica de Fort-Menares is the Vice President of Product Management for Infrastructure Assurance.

Related content

Simplify NIS2 compliance with DNS management

Learn whether the EU’s NIS2 requirements apply to your organization and about how DNS management and BlueCat can boost your path to compliance.

Read more

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.