CVE-2022-29885 is for the environments using Tomcat clustering. Foglight does not use Tomcat clustering; therefore it is not affected.
CVE-2022-42252 applies if Tomcat is configured to ignore invalid HTTP headers by setting rejectIllegalHeader to false. Foglight has rejectIllegalHeader as true which is the default value in Tomcat 9; therefore, Foglight is not affected.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center