Article - CS378518
Saving some Mashups seems to expose Apache Tomcat to JSP Expression Language Injection vulnerability in ThingWorx Platform 9.3.4
Modified: 17-Oct-2022
Applies To
- ThingWorx Platform 9.3 SP4
Description
- Upgraded to ThingWorx Platform 9.3.4 and now the default F5 Load Balancer rules throw alerts if a User saves a Mashup
- ThingWorx appears vulnerable to JSP Expression Language Expression Injection after ThingWorx Platform upgrade
- Intrusion Prevention System (IPS) is picking up JSP Expression Language Expression Injection with ThingWorx Platform requests
- When saving a Mashup that contains an input widget such as Text Area, a JSP Injection alert is triggered by the organization's IPS
- Network Appliance is displaying alerts about incoming ThingWorx PUT requests being vulnerable to JSP Expression Language Expression Injection
- User traffic passes through an F5 Load Balancer which is now triggering alerts after upgrade of ThingWorx Platform
- If a user saves a Mashup, F5 Load Balancer throws JSP Expression Injection alerts
- Prior to the upgrade, ThingWorx Platform did not need F5 Load Balancer exceptions to function; now it does
- F5 Load Balancer blocking TWX Code
- ThingWorx Platform 9.3.4 is tripping F5 with various JSP injection attack signatures
- "JSP Expression Language Expression Injection" alerts are triggered in F5 Load Balancer when Users save Mashups after upgrade to ThingWorx Platform 9.3.4