Is ObserveIT vulnerable to some reported CVE?


Article ID: 105906


Products

CA Virtual Privilege Manager, CA Privileged Identity Management Endpoint (PIM), CA Privileged Access Manager (PAM)

Issue/Introduction



In the servers where we have installed ObserveIT, version 5.7.4.0, when carrying out a vulnerability scan we have come up with the following ones:

- CVE-2016-2183
- CVE-2017-6168, CVE-2017-17382, CVE-2017-17427, CVE-2017-17428, CVE-2017-12373, CVE-2017-13098, CVE-2017-1000385, CVE-2017-13099, CVE-2016-6883, CVE-2012-5081
- CVE-2011-3389
- CVE-2013-2566, CVE-2015-2808
- CVE-2014-3566

Can you tell us if it is compatible with the product version that we currently have installed?

Environment

CA PIM 12.8 and 12.9

Resolution

ObserveIT is not vulnerable to the OpenSSL Heartbleed bug because it does not use OpenSSL: the ObserveIT Application Server is Microsoft IIS based and uses only Microsoft technology, so it is not susceptible to the Heartbleed vulnerability.

Most of the issues reported are TLS 1.0 and 1.1 issues, caused by the use of .NET 3.5 in older ObserveIT versions such as 5.7.4.0.

Since ObserveIT v7.4 the product uses .NET 4, and the system now supports TLS 1.2.

It is suggested to upgrade to a newer version in order to resolve the vulnerabilities arising from the use of TLS 1.0 and 1.1.
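To confirm which protocol versions an ObserveIT Application Server still negotiates before and after the upgrade, here is an added verification probe (example code, not part of the article or the product); it assumes a placeholder host name and port 443, and maps the result to the pre-7.4 (.NET 3.5) versus 7.4+ (.NET 4) behaviour the article describes.

```python
import socket
import ssl

# Versions to probe, oldest first. The article states 5.7.4.0 (.NET 3.5) is stuck on
# TLS 1.0/1.1 and that TLS 1.2 arrives with v7.4 (.NET 4).
PROBE_ORDER = (
    ("TLSv1.0", ssl.TLSVersion.TLSv1),
    ("TLSv1.1", ssl.TLSVersion.TLSv1_1),
    ("TLSv1.2", ssl.TLSVersion.TLSv1_2),
)

def negotiates(host, port, version, timeout=5.0):
    """True if the server completes a handshake pinned to exactly `version`."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # protocol support is under test, not the cert chain
    try:
        ctx.minimum_version = version
        ctx.maximum_version = version
    except ValueError:
        return False  # this client build cannot offer that version at all
    if version < ssl.TLSVersion.TLSv1_2:
        try:  # recent OpenSSL refuses TLS 1.0/1.1 at its default security level
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
        except ssl.SSLError:
            pass  # cipher string not understood (e.g. LibreSSL); continue best-effort
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.version() is not None
    except (ssl.SSLError, OSError):
        return False

def assess(support):
    """Map {name: negotiated?} to finding codes; an empty list means TLS 1.2 only."""
    findings = []
    if not support.get("TLSv1.2", False):
        findings.append("no-tls12")  # still the pre-7.4 / .NET 3.5 behaviour
    findings += [f"{n}-accepted" for n in ("TLSv1.0", "TLSv1.1") if support.get(n, False)]
    return findings  # legacy versions accepted => the scanner findings will persist

def scan(host, port=443):
    support = {name: negotiates(host, port, ver) for name, ver in PROBE_ORDER}
    return support, assess(support)

if __name__ == "__main__":
    # Placeholder target: substitute the ObserveIT Application Server's own address.
    print(scan("observeit-app.example.com", 443))
```

Run it against the server named in the scan report; after upgrading, a rescan should show TLS 1.2 negotiated and an empty findings list.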