Scans have detected that the Jetty version used on APM Command Center is not sufficient for security reasons.
The Jetty version being used in 10.5.2 is 9.2.11
The most recent version of Command Center at the time, 10.7 SP2, is using Jetty 9.3.14
9.2.x - prior to 9.2.25.v20180606
9.3.x - prior to 9.3.24.v20180605
9.4.x - prior to 9.4.11.v20180605
IMPACT: On successful exploitation it can lead to Disclosure of system information, Modification of system information, Modification of user information, hijack or delete the target user's session and User access via network.
A version of ACC with an updated version of Jetty has been delivered as a hotfix - 10.7 Hotfix 22, reference DE387984
This fix will be available in CA APM/ACC 10.7 SP3
Information relating to the vulnerability: