Is TPX impacted by Java-based vulnerabilities?

Document ID : KB000073101
Last Modified Date : 13/04/2018
Show Technical Document Details
Question:
Is TPX impacted by Java-based vulnerabilities?
For example:
Pivotal Spring Data REST and Spring Boot Vulnerability (CVE-2017-8046)
Pivotal Spring Framework Vulnerability (CVE-2018-1270)
Environment:
CA TPX for z/OS
Answer:
CA TPX is assembler based and does not contain any 3rd party software. Thus, this does not affect TPX directly.

However, we cannot speak for TCP/IP, TN3270 Server and Client products customer may have. Spring Framework is common 3rd party software used by Java based products.
You should verify this with the vendors of your TN3270 clients that are used to access CA TPX.
Additional Information:
If you to find out about a vulnerability, you can find details on the Current Vulnerabilities and Exposures (CVE) website:
https://www.cvedetails.com/vulnerability-search.php