AnsweredAssumed Answered

Alfresco vulnerability - how to fix the problem ?

Question asked by benjamindupont on Jan 15, 2016
Latest reply on Jan 28, 2016 by benjamindupont
Hi,
I'm currently using Alfresco CE 4.2.f, and I saw there is avulnerability on this version :
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9300
http://seclists.org/bugtraq/2014/Jul/72
My data are sensitive, and I want to prevent a disclosure, do you have an idea to fix or avoid this problem ?

According to this article, the proxy servlet is concerned by this vulnerability. Is it possible to disable this function ? If yes, do you know how ? If not, what can you advise ?

For information, moving to the last Alfresco 5.0 version is not option.

Thanks!

Best regards

Outcomes