API-Portal Vulnerability(CVE-2018-5390)

book

Article ID: 112495

calendar_today

Updated On:

Products

CA API Developer Portal CA API Gateway

Issue/Introduction



Does API Portal take the influence of the security vulnerability? 
If so, is the fix included in the product? 

・CVE-2018-5390

Environment

API Portal 3.1
API Portal 3.5

Resolution

Platform Update on August 2018 includes OS patches corresponding to CVE-2018-5390.
For the appliance version, please apply the following Platform Update.
https://support.ca.com/us/product-content/recommended-reading/technical-document-index/ca-api-gateway-solutions-and-patches.html

API Portal3.5:
CA_API_PlatformUpdate_64bit_v9.X-RHEL-2018-08-26.L7P

API Portal3.1:
CA_API_PlatformUpdate_64bit_v8.1-RHEL-2018-08-26.L7P