Spring4Shell RCE vulnerability [CVE-2022-22965] - ESET Protect WebConsole Component

[BobK 1]

Our current ESET Protect Web-Console is running on TomCat 9.0.54.

Apparently the Spring4Shell vulnerability has been addressed in Apache Tomcat versions 10.0.20, 9.0.62.

Do ESET have and statements on this and do you plan to update the All-in-one installer?

[Marcos 4,358]

ESET's product are not affected by Spring4Shell since Spring framework is not used at all.