Welcome to intarsys

Security Alert on Spring Remote Code Execution (RCE) Vulnerability

Are intarsys products affected by CVE-2022-22965 “Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)”?

  • https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
  • https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/

intarsys products are not affected because

  1. only the intarsys product Sign Live! cloud suite gears spring used
  2. Sign Live! cloud suite gears is operated with Java 8
  3. Sign Live! cloud suite gears does not use spring-webmvc or spring webflux.

As the first long-term storage solution available on the market, the proNEXT Archive Manager from the procilon GROUP has received the TR-ESOR certificate from the BSI according to the new version...