Security

CVE-2022-23307 Chainsaw Package

What is CVE-2022-23307 (Chainsaw Package)?

In summary,

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.

National Vulnerability Database

Is Cascade CMS affected by CVE-2022-23307 (Chainsaw Package)?

No, this vulnerability does not impact Cascade Cloud or on-premise distributions of Cascade CMS. We do not reference the tools in question in our configuration and the configuration is not exposed to users via the user interface.
Back to Top ↑