Question on vulnerabilities (API Portal Software)
book
Article ID: 128854
calendar_today
Updated On:
Products
CA API Developer Portal
CA API Gateway
Issue/Introduction
Does the vulnerability listed below have any impact on API Portal 3.5 CR9 (Software) ?
(1) CVE-2018-12020
(2) CVE-2018-5146
(3) CVE-2017-8779
(4) CVE-2017-5461
(5) CVE-2016-9808
(6) CVE-2016-9447
(7) CVE-2016-7545
(8) CVE-2016-4448
Environment
API Portal 3.5 CR9 (Software)
OS: RHEL 6
Resolution
(1) CVE-2018-12020
API Portal does not use GNUPG for any of its functionality and is not vulnerable.
(2) CVE-2018-5146
API Portal does not use any of its functionality and is not vulnerable.
(3) CVE-2017-8779
The API Portal is not affected by this CVE since port 111 is not used.
(4) CVE-2017-5461
The API Portal does not use Mozilla NSS for any of its functionality and is not vulnerable.
(5) CVE-2016-9808
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(6) CVE-2016-9447
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(7) CVE-2016-7545
The API Portal does use the SELinux sandbox for any of its functionality and is not vulnerable.
(8) CVE-2016-4448
The API Portal does not use libxml2 for any of its functionality and is not vulnerable.
Additional Information
(1) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
(2) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
(3) https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-8779
(4) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
(5) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9808
(6) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9447
(7) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545
(8) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
Feedback
thumb_up
Yes
thumb_down
No