diff --git a/CHANGELOG.md b/CHANGELOG.md
index 99257f98..02dea3b8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## [1.2.7] - 2022-10-06
+### Security
+- Upgrade cucumber (2.99.0 -> 7.1.0) and aruba (1.1.2 -> 2.0.0)
+  to resolve medium severity security issue on Snyk
+  [cyberark/conjur-service-broker#294](https://github.com/cyberark/conjur-service-broker/pull/294)
+
 ## [1.2.6] - 2022-08-16
 ### Security
 - Updated tzinfo to 1.2.10 in Gemfile.lock and test/integration/test-app/Gemfile.lock to 
diff --git a/Gemfile b/Gemfile
index e40a58b2..23666f10 100644
--- a/Gemfile
+++ b/Gemfile
@@ -28,7 +28,7 @@ gem 'puma', '5.6.4'
 group :development, :test do
   # Call 'byebug' anywhere in the code to stop execution and get a debugger console
   gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
-  gem 'cucumber', '~> 2'
+  gem 'cucumber', '~> 7.1.0'
   gem 'json_spec', '~> 1.1.5'
   gem 'aruba'
   gem 'rspec', '~> 3'
diff --git a/Gemfile.lock b/Gemfile.lock
index 52c44d02..9ca709f9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -21,11 +21,11 @@ GEM
       tzinfo (~> 1.1)
     addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
-    aruba (1.1.2)
+    aruba (2.0.0)
       bundler (>= 1.17, < 3.0)
       childprocess (>= 2.0, < 5.0)
       contracts (>= 0.16.0, < 0.18.0)
-      cucumber (>= 2.4, < 7.0)
+      cucumber (>= 4.0, < 8.0)
       rspec-expectations (~> 3.4)
       thor (~> 1.0)
     builder (3.2.4)
@@ -47,23 +47,42 @@ GEM
       rest-client
     contracts (0.16.1)
     crass (1.0.6)
-    cucumber (2.99.0)
-      builder (>= 2.1.2)
-      cucumber-core (~> 1.5.0)
-      cucumber-wire (~> 0.0.1)
-      diff-lcs (>= 1.1.3)
-      gherkin (~> 4.0)
-      multi_json (>= 1.7.5, < 2.0)
-      multi_test (>= 0.1.2)
-    cucumber-core (1.5.0)
-      gherkin (~> 4.0)
-    cucumber-wire (0.0.1)
+    cucumber (7.1.0)
+      builder (~> 3.2, >= 3.2.4)
+      cucumber-core (~> 10.1, >= 10.1.0)
+      cucumber-create-meta (~> 6.0, >= 6.0.1)
+      cucumber-cucumber-expressions (~> 14.0, >= 14.0.0)
+      cucumber-gherkin (~> 22.0, >= 22.0.0)
+      cucumber-html-formatter (~> 17.0, >= 17.0.0)
+      cucumber-messages (~> 17.1, >= 17.1.1)
+      cucumber-wire (~> 6.2, >= 6.2.0)
+      diff-lcs (~> 1.4, >= 1.4.4)
+      mime-types (~> 3.3, >= 3.3.1)
+      multi_test (~> 0.1, >= 0.1.2)
+      sys-uname (~> 1.2, >= 1.2.2)
+    cucumber-core (10.1.0)
+      cucumber-gherkin (~> 22.0, >= 22.0.0)
+      cucumber-messages (~> 17.1, >= 17.1.1)
+      cucumber-tag-expressions (~> 4.0, >= 4.0.2)
+    cucumber-create-meta (6.0.4)
+      cucumber-messages (~> 17.1, >= 17.1.1)
+      sys-uname (~> 1.2, >= 1.2.2)
+    cucumber-cucumber-expressions (14.0.0)
+    cucumber-gherkin (22.0.0)
+      cucumber-messages (~> 17.1, >= 17.1.1)
+    cucumber-html-formatter (17.0.0)
+      cucumber-messages (~> 17.1, >= 17.1.0)
+    cucumber-messages (17.1.1)
+    cucumber-tag-expressions (4.1.0)
+    cucumber-wire (6.2.0)
+      cucumber-core (~> 10.1, >= 10.1.0)
+      cucumber-cucumber-expressions (~> 14.0, >= 14.0.0)
+      cucumber-messages (~> 17.1, >= 17.1.1)
     diff-lcs (1.5.0)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
     erubi (1.10.0)
     ffi (1.15.5)
-    gherkin (4.1.3)
     http-accept (1.7.0)
     http-cookie (1.0.4)
       domain_name (~> 0.5)
@@ -164,6 +183,8 @@ GEM
     spring-watcher-listen (2.0.1)
       listen (>= 2.7, < 4.0)
       spring (>= 1.2, < 3.0)
+    sys-uname (1.2.2)
+      ffi (~> 1.1)
     thor (1.0.1)
     thread_safe (0.3.6)
     tomlrb (2.0.1)
@@ -187,7 +208,7 @@ DEPENDENCIES
   byebug
   ci_reporter_rspec (~> 1)
   conjur-api (~> 5.3.4)
-  cucumber (~> 2)
+  cucumber (~> 7.1.0)
   json-schema (= 2.8.0)
   json_spec (~> 1.1.5)
   license_finder
diff --git a/dev/dev_env_menu b/dev/dev_env_menu
index c6b29f3a..a5e62e43 100755
--- a/dev/dev_env_menu
+++ b/dev/dev_env_menu
@@ -78,7 +78,7 @@ function sub_menu() {
 }
 
 function dry_run() {
-  cucumber --dry-run --tags "~@integration" --format pretty --quiet
+  cucumber --dry-run --tags "not @integration" --format pretty --quiet
 }
 
 function unit_test() {
@@ -93,7 +93,7 @@ function integration_test() {
   cucumber \
     --format junit \
     --out features/reports \
-    --tags "~@integration" \
+    --tags "not @integration" \
     --format pretty \
     --backtrace \
     --verbose
@@ -105,7 +105,7 @@ function test_by_name() {
   cucumber \
     --format junit \
     --out features/reports \
-    --tags "~@integration" \
+    --tags "not @integration" \
     --format pretty \
     --backtrace \
     --verbose \
diff --git a/dev/run_tests b/dev/run_tests
index b5a2aa13..1d1d4fbc 100755
--- a/dev/run_tests
+++ b/dev/run_tests
@@ -131,7 +131,7 @@ function runTests() {
       cucumber \
       --format junit \
       --out features/reports \
-      --tags "~@integration" \
+      --tags "not @integration" \
       --format pretty \
       --backtrace \
       --verbose
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index ef3239eb..ed2e94ca 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -11,6 +11,6 @@
   @space_host_enabled = true
 end
 
-Before("~@enable-space-host") do
+Before("not @enable-space-host") do
   @space_host_enabled = false
 end
diff --git a/features/support/world.rb b/features/support/world.rb
index 633fcf25..6ee0c071 100644
--- a/features/support/world.rb
+++ b/features/support/world.rb
@@ -6,6 +6,9 @@
 require 'uri'
 require 'securerandom'
 
+require_relative 'cf_helper'
+require_relative 'http_helper'
+require_relative 'conjur_helper'
 
 module ServiceBrokerWorld
   include CfHelper