Is PRTG affected by CVE-2022-22963 or CVE-2022-22965. If so, is there any mitigation possible?
Is PRTG affected by CVE-2022-22963 or CVE-2022-22965
Modified on 2025-06-10 16:35:58 +0200
Attention: This article is a record of a conversation with the Paessler support team. The information in this conversation is not updated to preserve the historical record. As a result, some of the information or recommendations in this conversation might be out of date.
Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
In response to the vulnerabilities in the Spring Framework (tagged as SpringShell, CVE-2022-22965, CVE-2022-22963) we at Paessler can confirm that our software Paessler PRTG Network Monitor, Paessler PRTG Enterprise Monitor, Paessler PRTG Hosted Monitor (as well as the underlying infrastructure) and the Paessler PRTG app for desktop do not use this Framework nor the Cloud Function and are therefore not affected.
We are also currently conducting a thorough investigation of our internal infrastructure as well as staying in close contact with the manufacturers to ensure that all our services stay secure.
Apr, 2022 - Permalink