3rd-Party Disclosed Vulnerabilities
Informatica's approach to addressing vulnerabilities is clearly defined in the policy that guides our actions and strengthens our adherence to security.
What do we do once we become aware of.
Our dedicated team of experts immediately initiates a comprehensive investigation upon discovering potential vulnerabilities. This involves rigorous testing, analysis, and collaboration across departments to assess the scope and severity of the vulnerability accurately.
Once identified, our team swiftly implements appropriate measures to address and mitigate the identified vulnerabilities. These measures may include patches, updates, or other remediation actions to safeguard our platform and users' data.
Furthermore, we are committed to transparency and accountability in our security practices. As such, we will provide our users with timely updates and notifications regarding any identified vulnerabilities and the corresponding remediation efforts.
Below are Informatica's Responses to recently published 3rd party identified vulnerabilities
Palo Alto Command Injection Impacting PAN-OS- Apl-2024
Leaky Vessels - Jan-2024
Microsoft CrowdStrike - Jul-2024
Java FX & Libxml2 - Vulnerabilities - March - 2025
Spring Framework URL Vulnerability- Mar-2024
Okta Support Incident - Nov-2023
Informatica-Snowflake-Response-Jun-2024
Apache Tomcat - Vulnerabilities - Updated - April -2025
Rapid Reset (DOS) Vulnerability- Oct-2023
Progress Software - MOVEit Vulnerability- Oct-2023
Spring Library - Feb 2025 Major Release Attestation - Oct -2024
Spring Framework - Path -Traversal - Vulnerabilities - April -2025
Apache Struts-2
Zero-day Vulnerability- Dec-2023
IDMC Credential Leak- Feb-2024
Spring Library - Feb 2025 Major Release CVE Information - Oct -2024
Israel-Iran Conflict - 2025
Java ECDSA Vulnerability- May-2022
Geopolitical Ukraine-Russia Conflict- Mar-2022
Oracle Cloud Infra Data Breach News - March - 2025
India-Pakistan Conflict - 2025