Welcome to intarsys

Security Alert on Spring Remote Code Execution (RCE) Vulnerability

Are intarsys products affected by CVE-2022-22965 "Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)"?

  • https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
  • https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/

intarsys products are not affected because

  1. only the intarsys product Sign Live! cloud suite gears spring used
  2. Sign Live! cloud suite gears is operated with Java 8
  3. Sign Live! cloud suite gears does not use spring-webmvc or spring webflux.

The first customers use digital process structure for holistic workflows Hollern, Karlsruhe and Taucha, November 07.11.2023th, XNUMX - The companies GekoS mbH from Hollern in Lower Saxony and procilon