Feature #248

open

Feature #235: [Security Audit Round 2 ]

[Security Audit Round 2 ] Framework Obsolete Version in usage (Repeated)

Added by Kalyan Battula 12 months ago. Updated 11 months ago.

Status: Resolved
Priority: High
Assignee: Vasu Malladi
Category: -
Start date: 01/05/2024
Due date:
% Done: 0%
Estimated time:
Deployed In:
Category:

Description

Framework Obsolete Version in usage (Repeated)
Observation: Repeated
CWE: CWE-1035
Description:
It is observed that an older version of Java Spring Boot is in use.
Affected Path(s):
/(Webserver)
Impact:
Known types of vulnerabilities exist in the application due to the usage of a lower version.
Evidence/Proof Of Concept:
Step 1: An outdated Spring Boot framework version is being used in the application.

Step 2: It is found that life support for version 2.5.4 ended on May 10, 2023.

Step 3: Share updated POC for next level audit.
Recommendation:
It is recommended to upgrade to the latest stable and secure version of Spring Framework.
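
To keep this finding from repeating in a later audit round, a build-time check can fail the pipeline when the declared Spring Boot line is past end of support. The following is an added example, not code from this ticket or the audited application; it assumes a Maven `pom.xml`, and the function names, the sample POM and the `END_OF_SUPPORT` table (seeded only with the date stated in Step 2) are illustrative.

```python
import xml.etree.ElementTree as ET
from datetime import date

# End-of-support date per release line. Only the ticket's own data point is
# filled in; add further lines from the vendor's support schedule.
END_OF_SUPPORT = {"2.5": date(2023, 5, 10)}  # date as stated in the ticket for 2.5.4

NS = {"m": "http://maven.apache.org/POM/4.0.0"}
BOOT_ARTIFACTS = {"spring-boot-starter-parent", "spring-boot-dependencies"}

# Constructed sample input (assumption: Maven build using the starter parent).
SAMPLE_POM = """<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.5.4</version>
  </parent>
  <artifactId>demo-app</artifactId>
</project>"""

def spring_boot_version(pom_text):
    """Return the Spring Boot version set by the parent or an imported BOM, else None."""
    root = ET.fromstring(pom_text)
    props = {p.tag.split("}")[-1]: (p.text or "").strip()
             for p in root.findall("m:properties/*", NS)}
    nodes = root.findall("m:parent", NS) + root.findall(
        "m:dependencyManagement/m:dependencies/m:dependency", NS)
    for node in nodes:
        if (node.findtext("m:groupId", "", NS).strip() != "org.springframework.boot"
                or node.findtext("m:artifactId", "", NS).strip() not in BOOT_ARTIFACTS):
            continue
        version = node.findtext("m:version", "", NS).strip()
        if version.startswith("${") and version.endswith("}"):
            version = props.get(version[2:-1], "")  # resolve ${property} indirection
        return version or None
    return None

def check(pom_text, today):
    """Classify the build as obsolete / supported / untracked / unknown."""
    version = spring_boot_version(pom_text)
    if version is None:
        return ("unknown", None)
    eos = END_OF_SUPPORT.get(".".join(version.split(".")[:2]))
    if eos is None:
        return ("untracked", version)  # fail closed in CI until a date is recorded
    return ("obsolete" if today > eos else "supported", version)
```

In a pipeline, treat both `obsolete` and `untracked` as failures so that a version nobody has assessed cannot pass silently.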


Files

clipboard-202405011242-juhij.png (22.7 KB), Kalyan Battula, 01/05/2024 12:42 PM
clipboard-202405011242-kcqdn.png (85.9 KB), Kalyan Battula, 01/05/2024 12:42 PM