QID Spotlight: Discover Azul Java Vulnerabilities

Bharat Jogi

The Qualys vulnerability signatures team has released a new series of signatures (detections) for Azul Java, allowing security teams to identify Azul Java hosts and detect their vulnerabilities.

Azul is a Java platform used for modern cloud enterprises. The platform is used for developing, delivering, optimizing, and managing Java applications. This platform guarantees performance, security, value, and success.

The JDK (Java Development Kit) provided by Azul is also known as Zulu. This JDK is an OpenJDK native binary that is directly dependent on the underlying operating system.

Supported Operating Systems

RHEL, CentOS, Amazon Linux, SLES/OpenSUSE, Fedora, Oracle Enterprise Linux, Debian, Ubuntu, Alpine, and Windows.

Supported Discovery Method

Default installations for Linux, MSI installation for Windows.

QIDs for Azul Java

  1. 45504 – IG (Information Gathered) to track Azul installed assets
  2. 375806 – April 2019 Security Update
  3. 375809 – July 2019 Security Update
  4. 375810 – October 2019 Security Update
  5. 375811 – January 2020 Security Update
  6. 375812 – April 2020 Security Update
  7. 375813 – July 2020 Security Update
  8. 375815 – October 2020 Security Update
  9. 375816 – April 2021 Security Update
  10. 371817 – July 2021 Security Update

All above-mentioned Azul Java QIDs are available from signature version 2.5.292-2 and above.

Azul Java JDK is supported on Qualys Cloud Agent and Qualys scanner.

Stay connected to get the updates on our latest QIDs and keep yourself protected!

References:

https://www.azul.com/
https://docs.azul.com/core/zulu-openjdk/versioning-and-naming
https://www.azul.com/downloads/?os=alpine-linux&package=jdk
https://www.azul.com/products/components/azul-zulu-prime-builds-of-openjdk/
https://docs.azul.com/zulu/zulurelnotes-january2021/ZuluReleaseNotes/TargetOperatingEnvironments.htm

Share your Comments

Comments

Your email address will not be published. Required fields are marked *