AMS Known Vulnerabilities and Issues
Components of AMS
SpringSource Application Management Suite is built with the following components. Please see the security advisories information for each component for more information on the security vulnerabilities and issues that may affect that component.
| Component | Security advisories |
|---|---|
| Hyperic HQ | Hyperic HQ security advisories |
| Dojo | Dojo security advisories |
AMS is built using the following versions of these components
| AMS version | Hyperic HQ version | Dojo versions |
|---|---|---|
| 2.0.0 | 3.2.5 | 0.4.0 and 1.1.0 |
| 2.0.0.SR1 | 3.2.5 | 0.4.0 and 1.1.0 |
| 2.0.0.SR2 | 3.2.5 | 0.4.0 and 1.1.0 |
| 2.0.0.SR3 | 3.2.5 | 0.4.0 and 1.1.0 |
| 2.0.0.SR4 | 3.2.5 + fixes for CVE-2009-2897, CVE-2009-2898 & CVE-2009-2907 |
0.4.0 and 1.1.0 |
Authenticated users are exposed to the Dojo security vulnerabilities. AMS users are advised not to browse untrusted sites whilst logged in to AMS and to log out of AMS when they have finished.
No further AMS releases are planned. Users of AMS are advised to upgrade to the latest version of Hyperic HQ.
Known Vulnerabilities in AMS
There are no known vulnerabilities in AMS over and above those known to exist in the components of AMS