Question on procps vulnerabilities (API Portal Software)

book

Article ID: 130775

calendar_today

Updated On:

Products

CA API Developer Portal CA API Gateway

Issue/Introduction



Does the procps vulnerability listed below have any impact on API Portal 3.5 CR9 (Software) ?

(1) CVE-2018-1121
(2) CVE-2018-1122
(3) CVE-2018-1123
(4) CVE-2018-1124
(5) CVE-2018-1125
(6) CVE-2018-1126

Environment

API Gateway 9.3 CR3 (Software)
OS: RHEL 6

Resolution

(1) CVE-2018-1121
The issue would affect the portal since this library is not used for any functionality. The Portal only uses Java code. Red Hat won't fix for RHEL 6.
https://access.redhat.com/security/cve/cve-2018-1121

(2) CVE-2018-1122
Red Hat has not yet fixed. Very unlikely to affect Portal.

(3) CVE-2018-1123
Red Hat has not yet fixed. Very unlikely to affect Portal.

(4) CVE-2018-1124
Very unlikely to affect Portal. Fix is included in Monthly platform patch.

(5) CVE-2018-1125
The issue would affect the portal since this library is not used for any functionality. The Portal only uses Java code. Red Hat won't fix for RHEL 6.
https://access.redhat.com/security/cve/cve-2018-1125

(6) CVE-2018-1126
Very unlikely to affect Portal. Fix is included in Monthly platform patch.