Security Scanners Are Still Detecting CVE-2022-23302 Vulnerability in the AM Server Even After Upgrading to v8.6 Patch 3
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.6 Patch 3
Issue
/opt/rsa/am/appserver/wls/.patch_storage/34236279_Jun_2_2022_21_32_46/files/oracle.wls.core.app.server/12.2.1.4.0/wls.common.symbol/modules/oracle.owasp/com-bea-core-apache-log4j.jar Installed version : 1.2.17
/opt/rsa/am/appserver/wls/.patch_storage/34236279_Jun_2_2022_21_32_46/files/oracle.wls.libraries/12.2.1.4.0/wls.common.symbol/modules/com.bea.core.apache.log4j.jar Installed version : 1.2.17
Cause
Resolution
Related Articles
Upgrading to Authentication Manager 8.4 fails with the error message "Unable to delete file /opt/rsa/am/server/wrapper/bac… Number of Views How to enable verbose / debug logging on Authentication Manager, AM Web Tier v. 8.x Number of Views GUI shows initialization error "ORA-04063: package body "AVUSER.UTILITIES_PKG" has errors" after patching to 7.5.2 P07 in … Number of Views 8.5P4 linux webtier shows online-reinstall required Number of Views Error "Request Entity Too Large" when upgrading RSA Authentication Manager from versions (8.2 SP1 up to 8.4 P13) to 8.5 Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
