Red Hat JBoss vulnerability

Red Hat has announced the finding of a vulnerability that affects JBoss, which is used by the DME Server. The vulnerability can allow Remote Code Execution if not otherwise protected.

DME Server Hotfix

Excitor has produced a DME Server Hotfix that addresses the vulnerability.

The Hotfix can be applied to DME Server version 4.2 SP3 and DME Server version 4.4 SP1. If you have an older version, you need to upgrade to one of these versions before applying the Hotfix (if it is a problem for you to upgrade, please contact Ecommnet Support or if you are an existing user please use the support portal to raise an urgent support ticket).

The Hotfix can be downloaded here:

Hotfix for DME Server 4.2 SP3
Hotfix for DME Server 4.4 SP1
Due to the severity reported by Red Hat, we recommend all customers to apply the Hotfix as soon as possible.

For more detailed information on the vulnerability see CVE 2015-7501 .