4.10 CX Component Vulnerability Report

This vulnerability report of the CX components is scanned with Trivy Version 2 and published on 04 Aug 2025

ActiveMQ

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

Active MQ

Trivy

0

5

0

activemq.json

Agent Desk

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

Agent desk

Trivy

0

unified-agent.json

Campaigns

The critical and high severity vulnerabilities in extended dependencies do not have a fix available currently.

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

campaigns

Trivy

58

15

7

1

campaigns.txt

conversation-studio

Trivy

115

32

18

1

conversation-studio.txt

campaign-scheduler

Trivy

0

1

0

campaign-scheduler.json

Channels

Scan Report

Component	Engine	Low	Medium	High	Report
360-connector	Trivy	0	2	0	360-connector_trivy_report.txt
facebook-connector	Trivy	0	2	0	facebook-connector_4.9.4_f-CIM-27802.json
instagram-connector	Trivy	0	2	0	instagram-connector_4.9.4_f-CIM-27802.json
hc_smpp_connector	Trivy	0	2	0	hc_smpp_connector_4.9.4_f-CIM-27802.json
telegram-connector	Trivy	0	2	0	telegram.json
twilio-connector	Trivy	0	2	0	twilio-connector_4.9.4_f-CIM-27802.json
twitter-connector	Trivy	0	2	0	twitter-connector_4.9.4_f-CIM-27802.json
viber-connector	Trivy	0	2	0	viber-connector_4.9.4_f-CIM-27802.json
email-connector	Trivy	0	2	0	email-connector_4.9.4_f-CIM-27802.json
whatsapp-connector	Trivy	0	2	0	whatsapp-connector_4.9.4_f-CIM-27802.json
ms-exchange	Trivy	0	2	0	ms-exchange-email-connector_4.9.4_f-CIM-27802.json
youtube-connector	Trivy	0	2	0	youtube-connector_4.9.4_f-CIM-27802.json
linkedinconnector	Trivy	2	4	2	linkedinconnector.json

Core

Scan Report

Component	Engine	Low	Medium	High	Report
bot-framework	Trivy	0	1	0	bot-framework10.json
customer-channel-manager	Trivy	0	1	0	customer-channel-manager_trivy_report.txt
conversation-manager	Trivy	0	1	0	conversation-manager_trivy_report.txt
conversation-monitor	Trivy	0	1	0	conversation-monitor_trivy_report.txt
historical-reports-manager	Trivy	0	2	0	hostorical.json
license-manager	Trivy	0	1	0	license-manger.json
realtime-reports-manager	Trivy	0	2	0	realtime-reports-manager.json
media-routing-engine	Trivy	1	5	0	media-routing-engine_trivy_report.txt
state-events-logger	Trivy	0	2	0	state-events-logger_4.9.4_f-CIM-27802.json
business-calendar	Trivy	0	2	0	business-calendar_4.9.4_b-CIM-30057.json
file-engine	Trivy	1	3	1	file-engine (1).txt

Eleveo Middelware

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

recording-link-activities

Trivy

1

2

5

0

recording-link-activities_4.10.json

QM

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

qm-connector

Trivy

1

2

1

0

qm-connector_trivy_report (1).txt

qm-backend

Trivy

58

16

7

1

qm-backend (1).txt

Reporting

As the Reporting vulnerabilities cannot be fixed due to the end of life of the third-party tool used for CX Reporting, and no further support or updates are available. The team is working on moving all the jobs to the new Data Platform.

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

reporting-connector

Trivy

0

6

3

reporting-connector.json

Surveys

The critical and high severity vulnerabilities in extended dependencies do not have a fix available currently.

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

survey-backend

Trivy

58

15

7

1

survey-backend.txt

survey-nodes

Trivy

114

33

18

1

survey-nodes.txt

Expertflow ETL

The critical and high severity vulnerabilities in extended dependencies do not have a fix available currently.

Scan Report

Component

Engine

Low

Medium

High

Critical

Report

cx-data-platform

Trivy

171

94

38

5

cxdata1.json