Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Security Update: NR17-05 for Java Agent

security
java

#1

Vulnerability information

A security update for New Relic’s Java agent fixes a vulnerability where the agent could unintentionally capture full SQL queries when SQL obfuscation is enabled.

NR17-05

Vulnerability Details

New Relic’s Java agent can be configured to obfuscate SQL query information. This setting is forced when high security mode is enabled. New Relic has found that, when an exception is thrown during the query, full SQL query information may still be captured as part of the error trace when SQL obfuscation is enabled. A fix has been made to disable the collection of this information during error collection. Customers are encouraged to upgrade to the latest version of the Java agent.