Skip to main content
Support

KB Article #182913

SECURITY: Impact of CVE-2023-39017 on SecureTransport

Problem

Security scan reports CVE-2023-39017 vulnerability for SecureTransport 5.5.


Resolution

The SecureTransport team has thoroughly investigated CVE-2023-39017, a code injection vulnerability identified in the org.quartz.jobs.ee.jms.SendQueueMessageJob.execute component of quartz-jobs versions 2.3.2 and earlier. After a comprehensive review, we have determined that SecureTransport does not utilize the affected quartz-jobs component, and, consequently, remains unaffected by this vulnerability.


To ensure ongoing security, we will update the quartz-jobs dependency to the latest secure version as soon as it becomes available.