3742150 - Spring Framework Path Traversal Vulnerability - CVE-2024-38816 detected in Introscope EM 10.8

Symptom

After running a scanner tool, a vulnerability was detected for Spring Framework Path Traversal - CVE-2024-38819 in Introscope Enterprise Manager (EM) 10.8 file below:
C:\usr\sap\ccms\apmintroscope\product\enterprisemanager\configuration\org.eclipse.osgi\bundles\16\1\.cp\WebContent\WEB-INF\lib\spring-core-4.3.22.RELEASE.jar.

Environment

Product: SAP Extended Diagnostics by CA Wily
Introscope by CA Technologies

Product

SAP Solution Manager all versions

Keywords

Spring Framework, Path Traversal, Vulnerability, CVE-2024-38816, EM, SAP Solution Manager, Upgrade, 10.8 SP1, Vulnerability Scanner Tool , KBA , XX-PART-WILY , Introscope by CA Technologies , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.