ADV-2022-001 - Netwrix Statement on CVE-2022-22965, the "Spring4shell" vulnerability

Community Netwrix Security Announcements
1

Executive Summary

Netwrix, a cybersecurity vendor that makes data security easy, evaluated its entire product portfolio for exposure to this critical remote code execution vulnerability in the Spring Framework announced on March 31, 2021.

Confirmed Affected Products

  • N/A

Confirmed Unaffected Products

  • Netwrix Auditor
  • Netwrix Data Classification
  • Netwrix Risk Insight
  • Stealthbits StealthAUDIT also available as Netwrix StealthAUDIT
  • Stealthbits StealthAUDIT Access Information Center
  • Stealthbits StealthAUDIT Sensitive Data Discovery
  • Stealthbits StealthINTERCEPT
  • Stealthbits Privileged Activity Manager (SbPAM) also available as Netwrix SbPAM
  • Stealthbits StealthDEFEND also available as Netwrix StealthDEFEND
  • Stealthbits Activity Monitor (SAM)
  • Stealthbits StealthRECOVER also available as Netwrix StealthRECOVER
  • NNT Change Tracker also available as Netwrix Change Tracker
  • Anixis Password Reset also available as Netwrix Password Reset
  • Anixis Password Policy Enforcer also available as Netwrix Password Policy Enforcer
  • Anixis PPE/Web
  • Strongpoint for Salesforce
  • Strongpoint for Netsuite
  • PolicyPak Enterprise
  • PolicyPak Professional
  • PolicyPak SaaS

Please contact the Netwrix support team if you require further assistance.