Desde Compuware nos cuentan esto, así que si tenéis alguna aplicación web, tocará instalar algún parche.
We’ve been working with our customer, Minnesota’s largest public higher education system, to address the findings of some ‘white box’ testing of their Uniface applications deployed with the Uniface Web Application Server.
The tests were carried out by a third party company who specialize in software security programs.
As a result, several medium risk vulnerabilities were identified, which we have addressed in patches on the currently supported versions of Uniface.
Uniface 9.3 – patch P228
Uniface 9.4 – patch R123
Uniface 9.5 – patch E103
We are not planning on resolving these issues on older, unsupported versions of Uniface.
It should be noted that the testing company rate issues from Very High through to Very Low, and although the findings were only medium priority vulnerabilities, we do advise customers to use the patches.