/
FAQ for CVE-2022-22963, CVE-2022-22965

FAQ for CVE-2022-22963, CVE-2022-22965

Owned by DATABASICS, Inc.
Last updated: Apr 01, 2022
1 min read

Are DATABASICS instances affected by CVE-2022-22963, CVE-2022-22965?

Initial review of our applications, we are not affected by CVE-2022-22963, CVE-2022-22965. Our security and development team is assessing whether these vulnerabilities affect any of other products and services we use. We will update this page as soon as we have any results from their investigation. 

Four CVEs have been released so far and are being actively updated as new information emerges. These vulnerabilities can result, in the worst case, in full remote code execution (RCE) compromise:

CVE-2022-22947
CVE-2022-22950
CVE-2022-22963
CVE-2022-22965

Action taken by our team:

  • Audit/Monitor application logs for unexpected system errors or messages including inappropriate access.

  • Configured firewall rules to intercept and drop malicious web requests

  • The WAF team is actively monitoring these CVEs and have already deployed a number of new managed mitigation rules.

 

Related content

DATABASICS Position on SolarWinds Malware Attack
DATABASICS Position on SolarWinds Malware Attack
DATABASICS Product Guides
More like this
END-OF-LIFE Schedule
END-OF-LIFE Schedule
DATABASICS Product Guides
More like this
8.2 July 2024
8.2 July 2024
DATABASICS Product Guides
More like this
Support Policy
Support Policy
DATABASICS Product Guides
More like this
External IP Addresses
External IP Addresses
DATABASICS Product Guides
More like this
As a customer, what do I need to do if I'm DATABASICS Remote Agent on Oracle Java 8? Java Licensing
As a customer, what do I need to do if I'm DATABASICS Remote Agent on Oracle Java 8? Java Licensing
DATABASICS Product Guides
More like this

2025 DATABASICS, Inc