Hi @PeteJacobCF,
I'm not sure if your post is because your organization works with Spring Framework, which is affected, as you know, by a recently reported vulnerability (see CVE-2022-22965 for more information).
If positive to the former, we at PANW highly recommend upgrading your Spring Framework to the release/s 5.3.18 and 5.2.20 and also your Cortex XDR agents to the latest release, and more specifically to release 7.7 and content above 470-88704.
If somebody tries to exploit this vulnerability, it will be blocked by the Java Deserialization Exploit protection module, which will be active if you enable Known Vulnerable Processes Protection in the Linux Exploit Security profile.
Please check that the "Known Vulnerable Processes Protection" module is set to block, so that the exploitation attempt is blocked and you will get an alert of the type Suspicious Input Deserialization.
Hope this helps,
@eluis thanks for the reply back, man! I was just thinking that if it's an available option now for Windows if it would be good to enable it... I have read up on what it is but don't really understand fully what it is and what it does. I think for now I will just work on the "OpenSSL Infinite Loop Vulnerability" and put this on the back burner.