Celigo’s Products Are Not Affected by the VMWare Spring4Shell, or Spring Framework Cloud Vulnerability

by Wayne Sisk
April 4, 2022

We know many customers and prospects are concerned about the recent Spring4Shell vulnerability  – CVE-2022-22965.  The Celigo team has taken this very seriously and initiated an investigation into the possible impact as soon as the Spring4Shell  vulnerability was made public.

Celigo’s security and engineering teams have thoroughly investigated, and for the infrastructure we control directly, Celigo’s products are NOT affected as we do not use Spring4Shell for either Integrator IO (and all integration flows), or CloudExtend.

Rest assured, Celigo takes security seriously, and we have a comprehensive vulnerability management program that includes quarterly vulnerability scans, annual penetration testing, and monitoring for emerging vulnerabilities like this one for Spring4Shell.

We appreciate your concern for data security and take our role as a steward of your data very seriously. We will continue to monitor for any new developments regarding this vulnerability, and will follow this message with updates as needed.

Related Posts

Share This