Is CA Process Automation affected by CVE-2018-11776
Article ID: 112348
Updated On:
Products
CA Process Automation Base
Issue/Introduction
Does CA Process Automation use Apache Struts2 and is it affected by the vulnerability outlined in CVE-2018-117766?
Environment
Release: ITPASA99000-4.3-Process Automation-Add On License for-CA Server Automation
Component:
Component:
Resolution
Short answer - no.
CA Process Automation 4.3 SP02 and previous releases use Apache Struts version 1.27, and is therefore not impacted by this vulnerability.
CA Process Automation 4.3 SP03 has replaced Apache Struts with Spring framework, and is not impacted by this vulnerability, or any vulnerability associated with Apache Struts.
CA Process Automation 4.3 SP02 and previous releases use Apache Struts version 1.27, and is therefore not impacted by this vulnerability.
CA Process Automation 4.3 SP03 has replaced Apache Struts with Spring framework, and is not impacted by this vulnerability, or any vulnerability associated with Apache Struts.
Feedback
Yes
No
Powered by
