Question on vulnerabilities (API Portal Software)
Article ID: 128854
Updated On:
Products
CA API Developer Portal
CA API Gateway
Issue/Introduction
Does the vulnerability listed below have any impact on API Portal 3.5 CR9 (Software) ?
(1) CVE-2018-12020
(2) CVE-2018-5146
(3) CVE-2017-8779
(4) CVE-2017-5461
(5) CVE-2016-9808
(6) CVE-2016-9447
(7) CVE-2016-7545
(8) CVE-2016-4448
Environment
API Portal 3.5 CR9 (Software)
OS: RHEL 6
OS: RHEL 6
Resolution
(1) CVE-2018-12020
API Portal does not use GNUPG for any of its functionality and is not vulnerable.
(2) CVE-2018-5146
API Portal does not use any of its functionality and is not vulnerable.
(3) CVE-2017-8779
The API Portal is not affected by this CVE since port 111 is not used.
(4) CVE-2017-5461
The API Portal does not use Mozilla NSS for any of its functionality and is not vulnerable.
(5) CVE-2016-9808
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(6) CVE-2016-9447
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(7) CVE-2016-7545
The API Portal does use the SELinux sandbox for any of its functionality and is not vulnerable.
(8) CVE-2016-4448
The API Portal does not use libxml2 for any of its functionality and is not vulnerable.
API Portal does not use GNUPG for any of its functionality and is not vulnerable.
(2) CVE-2018-5146
API Portal does not use any of its functionality and is not vulnerable.
(3) CVE-2017-8779
The API Portal is not affected by this CVE since port 111 is not used.
(4) CVE-2017-5461
The API Portal does not use Mozilla NSS for any of its functionality and is not vulnerable.
(5) CVE-2016-9808
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(6) CVE-2016-9447
The API Portal does not use gstreamer for any of its functionality and is not vulnerable.
(7) CVE-2016-7545
The API Portal does use the SELinux sandbox for any of its functionality and is not vulnerable.
(8) CVE-2016-4448
The API Portal does not use libxml2 for any of its functionality and is not vulnerable.
Additional Information
(1) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
(2) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
(3) https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-8779
(4) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
(5) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9808
(6) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9447
(7) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545
(8) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
(2) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
(3) https://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-8779
(4) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
(5) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9808
(6) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9447
(7) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7545
(8) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
Feedback
Yes
No
Powered by
