CA PM Product version = 3.7

our internal security Team identified few vulnerability on CA-PM Product.

CA Data Aggregator & DA Proxy

HashiCorp Consul Remote Code Execution Vulnerability(Port 8500)

CA PC

HashiCorp Consul Remote Code Execution Vulnerability(Port 8900)

Release : 3.7

Component : CA Performance Center

Updating Consul to the latest version has been added to the CAPM roadmap.

The workaround is to isolate your management servers using firewalls and acl’s.

How you implement your internal security is up to you, but management servers should always be under controlled access.