CISA has published an advisory on authorization bypass through user-controlled key and use of a one-way hash without a salt vulnerabilities in GE Digital APM Classic. Versions 4.4 and prior are affected. Successful exploitation of these vulnerabilities could allow access to sensitive information. GE Digital APM Classic 4.5 contains mitigations for these vulnerabilities. GE Digital recommends all users upgrade to GE Digital APM Classic 4.5 or newer. CISA recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.