ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

PAM Socket Filter Agent (SFA) dependency on 2005/2008 VC++


Article ID: 133058


Updated On:


CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC) CA Privileged Access Manager (PAM)


We are in the midst of upgrading the PAM socket filter agent (SFA) from 2.8 to later versions. Our auditors have flagged the 2.8 SFA as having a vulnerability by using 2005/2008 VC++ as a dependency. Does it really use those libraries? Do the newer PAM 3.X SFA releases have the same dependency?


Release : Any supported PAM release as of June 2019.



The Windows SFA continues to support Windows 2008 R2 and is still built using Visual Studio 2008, which means it uses and depends on Visual C++ 2008 runtime libraries. This is the case for all releases supported as of June 2019, including the new PAM 3.3 release. Windows 2008 R2 is nearing its End of Life and future PAM SFA releases may not have this dependency anymore, but at this time we do not have an ETA.