API-GW Vulnerability (CVE-2018-2562)
Article ID: 111959
Updated On:
Products
STARTER PACK-7
CA Rapid App Security
CA API Gateway
Issue/Introduction
Does API Gateway take the influence of the security vulnerability?
If so, is the fix included in the product?
・CVE-2018-2562
Environment
API Gateway 8.x
API Gateway 9.x
API Gateway 9.x
Resolution
Latest MPP already has the updated versions for mysql components as per below, which contains the fix for this CVE so if the customer has applied the latest MPP, this vulnerability should not affect them.
This CVE was resolved by Jan 2018 MPP.
=======
CVE-2018-2562 affects versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior.
July 2018 MPP contains:
MySQL-client-advanced-5.5.60-1.el6.x86_64.rpm
mysql-commercial-client-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-common-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-libs-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-libs-compat-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-server-5.7.22-1.1.el6.x86_64.rpm
MySQL-server-advanced-5.5.60-1.el6.x86_64.rpm
MySQL-shared-advanced-5.5.60-1.el6.x86_64.rpm
MySQL-shared-compat-advanced-5.5.60-1.el6.x86_64.rpm
This CVE was resolved by Jan 2018 MPP.
=======
CVE-2018-2562 affects versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior.
July 2018 MPP contains:
MySQL-client-advanced-5.5.60-1.el6.x86_64.rpm
mysql-commercial-client-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-common-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-libs-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-libs-compat-5.7.22-1.1.el6.x86_64.rpm
mysql-commercial-server-5.7.22-1.1.el6.x86_64.rpm
MySQL-server-advanced-5.5.60-1.el6.x86_64.rpm
MySQL-shared-advanced-5.5.60-1.el6.x86_64.rpm
MySQL-shared-compat-advanced-5.5.60-1.el6.x86_64.rpm
Feedback
Yes
No
Powered by
