Security Vulnerability

A security vulnerability is reported when using Apache Shiro 1.10 or lower in conjunction with Spring Boot. However, this vulnerability does not affect UDP 9.x.

Arcserve UDP does not use HTTP/2 and although this security vulnerability is reported, it does not impact the functioning of UDP.

The UDP 9.x version ships SQL 2019 Express DB, which contains Apache Log4j vulnerabilities. For more information on how to resolve this, see the KB article.

Copyright © 2014-2023, Arcserve LLC. All rights reserved.