Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability in NFA
search cancel

Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability in NFA

book

Article ID: 14078

calendar_today

Updated On: 02-14-2018

Products

Network Flow Analysis

Issue/Introduction

Security team has identified that there is Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability for NFA. Need to know if NFA is vulnerable to this.



Whether NFA is vulnerable to Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability?

Environment

NFA 9.2 to 9.3.6

Resolution

NFA 9.3.6 uses .NET 4.5.1 for the Console, and NFA 9.4 will ship with .NET 4.6.2.

All web interactions use the CLR associated with those versions of .NET, so this vulnerability is a non-issue in 9.3.6 and 9.4.

 

Additional Information

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.TEC1242681.html

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.TEC614785.html

 

Powered by Wolken Software