Vulnerability CVE-2019-2426 (API Portal)

Article Id: 126992

Status: Published

Updated On: 12-02-2019 21:59

Products:

CA API Developer Portal , CA API Gateway

Issue/Introduction:

Does the vulnerability have any impact on API Portal 3.5 (Software version)?
CVE-2019-2426
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking).

Customer environment:
1) API Portal 3.5 CR9 (Software version)
2) JDK1.8.0_181

Environment:

API Portal 3.5 CR9 (Software version)

Resolution:

As per Oracle notes, JDK 8u181 is not affected.
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

In the notes of "Oracle Java SE Risk Matrix", JDK 8u181 is not listed as affected by this vulnerability.
The matrix is stating:
- CVE# = CVE-2019-2426
- Supported Versions Affected = Java SE: 7u201, 8u192, 11.0.1; Java SE Embedded: 8u191

Additional Information:

CVE-2019-2426
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking).
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2426