Download Foglight Management Server 5.6.x and 5.7.x Patch for solution 183437

For details, please see included release notes as well as solution SOL183437 in our Knowledge Base.

The Apache Commons Collections library version 3.2, used by Foglight Management Server and earlier versions, allows remote code to be executed if the attacker has a way to submit specially crafted serialized Java objects. The Management Server has Remote Method Invocation (RMI) end points that accept serialized method parameters, making it vulnerable.

This patch addresses the following issues:
FGL-18415 - A critical Apache Commons Collections vulnerability was experienced on a Foglight Management Server.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
Contact Us
Customer Service
Licensing Assistance
Renewals Representative
View All