Is CA API Portal 3.5 affected by CVE-2018-8014

book

Article ID: 105961

calendar_today

Updated On:

Products

CA API Developer Portal CA API Gateway

Issue/Introduction

A new vulnerability for Tomcat Apache was released:

https://www.cvedetails.com/cve/CVE-2018-8014/

This vulnerability expose a vulnerability on the default CORS settings.

Is the CA API Portal 3.5 affected by this vulnerability?

Environment

Release: L7APIP99000-3.5-API Developer Portal-Perpetual
Component:

Resolution

The CA API Portal 3.5 does not use Tomcat's CORS filter.
Therefore, the Portal is not vulnerable to this CVE.