AnsweredAssumed Answered

Jaspersoft - Flagged for Critical IPS Signature Exploit

Question asked by AndyOlson on Oct 16, 2018



I wanted to reach out to the community to see if anyone else has come across this. As of late last week Jaspersoft in all of our environments stopped functioning as our security team identified one of the javascript files Jaspersoft loads was flagged for the critical IPS signature Fallout Exploit Kit


We have reached out to CA for a resolution as this is not something we are going to make an exception for, they have currently mentioned they do not identify this as an issue on the CA side. I wanted to see if anyone else has come across this issue? 


We are currently on the most recent version of Jaspersoft if that helps. I would imagine anyone on this version or 15.4.1 or higher would have this exploit present. My goal here is to spread awareness and get a fix ASAP.