Number: AV22-293
Date: 27 May 2022
On 24 May 2022, HPE published a Security Bulletin to address a vulnerability in the following products:
- HPE IceWall Identity Manager – version 6.0 (Windows/Oracle JDK 17.0.2)
- HPE IceWall Gen11 Password Reset Option – Windows/Oracle JDK 17.0.2
- HPE IceWall MFA – multiple products (Windows/Oracle JDK 17.0.2)
- HPE IceWall Federation OIDC – multiple versions (Windows/Oracle JDK 17.0.2)
Exploitation of these vulnerability could allow for unauthorized data read/modification.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary update.