API-GW Vulnerability (CVE-2018-5390)

book

Article ID: 112494

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction



Does API Gateway take the influence of the security vulnerability? 
If so, is the fix included in the product? 

・CVE-2018-5390

Environment

API Gateway 8.x
API Gateway 9.x

Resolution

Platform Update on August 2018 includes OS patches corresponding to CVE-2018-5390.
For the appliance version, please apply the following Platform Update.

https://support.ca.com/us/product-content/recommended-reading/technical-document-index/ca-api-gateway-solutions-and-patches.html

API Gateway9.x:
CA_API_PlatformUpdate_64bit_v9.X-CentOS-2018-08-24.L7P 
CA_API_PlatformUpdate_64bit_v9.X-RHEL-2018-08-26.L7P

API Gateway8.x:
CA_API_PlatformUpdate_64bit_v8.1-RHEL-2018-08-26.L7P