Is PRTG affected by CVE-2022-21449 or CVE-2022-21476? If so, is there any mitigation possible?



This article applies to ITOps Board installations before April 19th 2022


In response to the Amazon Corretto, OpenJDK and Oracle Java SE vulnerability, we at Paessler can confirm that our software Paessler PRTG Network Monitor, Paessler PRTG Enterprise Monitor and Paessler PRTG Hosted Monitor are not affected.


Additional notes:
If you use ITOps Board with an installation before April 19th 2022, your ITOps Board installation may be affected and your action is required!
Depending on the Java runtime that you chose on installation, please refer to the following table:


Required mitigation steps:

| Java runtime | Reference | Required mitigation step |
|---|---|---|
| Amazon Corretto | https://github.com/corretto/corretto-11/blob/develop/CHANGELOG.md | Upgrade to 11.0.15.9.1 or higher |
| Oracle Java SE | https://www.oracle.com/java/technologies/javase/8u331-relnotes.html | Upgrade to Java JRE V8 u331 or higher |
| OpenJDK | https://www.oracle.com/java/technologies/javase/17-0-3-relnotes.html | Upgrade to 17.0.3+8 or higher (do not upgrade to OpenJDK 18 because it is not compatible with Elasticsearch 6.8.x) |

Apr, 2022
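To verify an ITOps Board host against the table above, the following added example (not Paessler's code) classifies the text printed by `java -version` as `ok`, `upgrade` or `incompatible`. The runtime keys, function names and sample outputs are assumptions made for illustration, and a `1.8.0_` build string is assumed to be Oracle Java SE 8.

```python
import re

# Minimum fixed versions from the table above, as comparable integer tuples.
MINIMUM = {
    "corretto": (11, 0, 15, 9, 1),  # Amazon Corretto 11.0.15.9.1
    "oracle8": (8, 0, 331),         # Oracle Java SE 8u331
    "openjdk": (17, 0, 3, 0, 8),    # OpenJDK 17.0.3+8, padded to four parts plus build
}
OPENJDK_MAX_MAJOR = 17  # the table rules out OpenJDK 18 (Elasticsearch 6.8.x)


def parse(output):
    """Return (runtime key, version tuple) from the text of `java -version`."""
    m = re.search(r"Corretto-(\d+(?:\.\d+)+)", output)
    if m:
        return "corretto", tuple(int(p) for p in m.group(1).split("."))
    m = re.search(r"\(build 1\.8\.0_(\d+)", output)  # assumed: Oracle Java SE 8
    if m:
        return "oracle8", (8, 0, int(m.group(1)))
    m = re.search(r"\(build (\d+(?:\.\d+)*)\+(\d+)", output)
    if m:
        parts = [int(p) for p in m.group(1).split(".")]
        parts += [0] * (4 - len(parts))  # pad "17.0.3" to 17.0.3.0
        return "openjdk", tuple(parts[:4]) + (int(m.group(2)),)
    raise ValueError("unrecognised java -version output")


def status(output):
    """Return 'ok', 'upgrade' or 'incompatible' for one runtime's output."""
    runtime, version = parse(output)
    if runtime == "openjdk" and version[0] > OPENJDK_MAX_MAJOR:
        return "incompatible"
    return "ok" if version >= MINIMUM[runtime] else "upgrade"


# Constructed sample outputs (not captured from a real host).
SAMPLES = {
    "corretto": "OpenJDK Runtime Environment Corretto-11.0.14.10.1 (build 11.0.14+10-LTS)",
    "oracle": "Java(TM) SE Runtime Environment (build 1.8.0_331-b09)",
    "openjdk18": "OpenJDK Runtime Environment (build 18.0.1+10)",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, status(text))
```

On a host, pass it the captured output of `java -version`, which the JVM writes to stderr.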