SAP Knowledge Base Article - Preview

3594738 - CVE-2024-38819 vulnerability still detected even after updating cockpit to latest version 2.17.4

Symptom

After updating the SAP HANA cockpit to the latest version 2.17.4 as per 3552930, with XSA at version v1.3.3 (compatible with the latest HANA cockpit version as per 3152301), the vulnerability scan still reports outdated Spring Framework .jar files:

/hana/shared/<SID>/xs/ea_data/embedded_execagent/executionroot/d9a1c22c-341d-4799-8be2-7fb074d65d84/app/WEB-INF/lib/spring-webmvc-4.3.20.RELEASE.jar

/hana/shared/<SID>/xs/ea_data/embedded_execagent/executionroot/8fd86a73-b59c-43fd-b546-0b6cecee3393/app/WEB-INF/lib/spring-webmvc-4.3.20.RELEASE.jar



Environment

  • SAP HANA Cockpit
  • SAP HANA Extended Application Services, Advanced Model

Product

SAP HANA, platform edition 2.0

Keywords

CVE-2024-38819, spring-webmvc, RELEASE.jar, cockpit, XSA, KBA, HAN-CPT-CPT2-SEC, SAP HANA Cockpit 2 (Security), BC-XS-RT, XS Advanced Runtime / XS Controller, Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
