Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.


Spring Framework Vulnerability

Spring Framework Security Vulnerability Update - CVE-2022-22965 CVE-2022-22963

April 14, 2022 16:30 CT


Mitratech is aware of the Spring4Shell Spring Framework Vulnerability (CVE-2022-22965) and the Spring Cloud Function Vulnerability (CVE-2022-22963) affecting Java applications. Investigations across our applications, our vendors and third parties have already begun. Information about affected on-premise and/or hosted applications, will be published here.

Applications Under Investigation

  • Acuity
  • AdvanceLaw
  • Casetrack
  • EraCLM (ContractRoom)
  • LawManager (On-premise)
  • Lawtrac
  • eCounsel SAP BusinessObjects (Hosted)


Applications Not Vulnerable

  • Alyne
  • ClusterSeven Applications
  • CMO Compliance Manager
  • CMPG Procipient
  • CMPG VendorInsight
  • CMPG VendorIntel
  • CMPG VRM Pro (VendorEval)
  • Collaborati
  • Continuity applications
  • Corridor
  • Datastore
  • GCD
  • GLD
  • INSZoom
  • Integrum applications
  • Law Manager Pro (if running JDK8)
  • LegalHold Hosted SaaS
  • OpRiskControl
  • PolicyHub
  • Quovant applications
  • Suite (eCounsel, Secretariat) (Hosted)
  • TAP
  • TeamConnect SAP BusinessObjects (Hosted)
  • TeamConnect SAML (Hosted)
  • TeamConnect Sisense (Hosted)
  • TeamConnect ElasticSearch (Hosted)
  • TeamConnect (Hosted Core Application)
  • Tracker I-9
  • Tracker IMS


The following applications are affected:

  • Law Manager Pro (when running in JDK 8)
  • TeamConnect (On-premise)
  • TeamConnect LegalHold Portal (On-premise)
  • TeamConnect SSO SAML (On-premise)
  • Suite (eCounsel and Secretariat) (On-premise)



As a preliminary mitigation,

  1. TeamConnect on-premise clients using Tomcat 9 with JDK 9 or greater, should upgrade to Tomcat version 9.0.62 or newer.
  2. On-premise TeamConnect, LegalHold, Law Manager Pro and eCounsel installation customers should consider switching to a Java 8 environment, such as OpenJDK 8, if running their applications in Java 9 or greater environments


Please note that this information may change rapidly as the threat landscape changes.


Please return to this page often for updates.

  • Was this article helpful?