Issued: 19th September 2024
This message is to notify you that due to a configuration issue with our Java agent versions 6.6.0 to 6.8.0 and our EOP server, some exclusions are not being picked up and applied by the agent. This issue impacts both Assess and Protect exclusions so may lead to unexpected vulnerabilities or attack events being reported.
What does this mean to you?
If you have applications running with Java agent 6.6.0, 6.7.0 or 6.8.0 and are experiencing issues with exclusions, the issue can be resolved through either of the following paths:
- Upgrade the Java agent to 6.9.0
- Alternatively, upgrade to the patched EOP release (3.11.7) available now on Contrast Hub
If you are not running with these specific versions of the Java agent or are using the Contrast SaaS system, no action is required.
If you have any additional questions, concerns, or would like to discuss this issue further, please don’t hesitate to reach out to us at support@contrastsecurity.com.