Vulnerability on WebMethods IS v.10.7

Product/components used and version/fix level:

webMethods IS 10.7

Detailed explanation of the problem:

We would like to known if the upgrade to the webMethods Integration Server 10.15 version resolves any vulnerabilities of the 10.7 version. Thank you all

Error messages / full error message screenshot / log file:

Question related to a free trial, or to a production (customer) instance?

1 Like

Upgrade from 10.7 to 10.15 is recommended for support.
All versions are near expiry so upgrade is recommended to 10.15.

For vulnerabilities only, the upgrade may not be necessary as long as the current version is under support. SAG should support in closing all open vulnerabilities with a fix or patch.

Below screen shot for reference on the support cycle.

1 Like

Newer versions of the Integration Server offer newer features as well. For full details about the release , please refer the release readme at
1015 Release readme

1 Like

For exact answer to your question, any patch/bug fix that is released for any version, is also released for each version that is supported and has the same vulnerability/bug. Meaning, if there is a security vulnerability on 10.15, that same fix will be released for lower versions and higher version too. It also applies to versions that customers have extended support agreement. You can only receive patches for the versions that you have the support agreement. In other terms, if there is a security patch released for example for version 10.3, only those who have extended support agreement will receive the patches that are released after support ended.

1 Like