HashiCorp Consul vulnerabilities on CA PM 3.7

Article ID: 145187

Updated On:

Products

CA Infrastructure Management, CA Performance Management - Usage and Administration, DX NetOps

Issue/Introduction

CA PM Product version = 3.7

Our internal security team identified a few vulnerabilities in the CA PM product.

CA Data Aggregator & DA Proxy

HashiCorp Consul Remote Code Execution Vulnerability (Port 8500)

CA PC

HashiCorp Consul Remote Code Execution Vulnerability (Port 8900)

Environment

Release : 3.7

Component : CA Performance Center

Resolution

Updating Consul to the latest version has been added to the CAPM roadmap.

The workaround is to isolate your management servers using firewalls and ACLs.

How you implement your internal security is up to you, but management servers should always be under controlled access.
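
One way to express the firewall workaround on a Linux management server, as an added example that is not part of the original article or vendor guidance: the script prints iptables rules that restrict the two Consul ports listed above to an allowlist of sources. It assumes iptables is the host firewall; the function names and the source addresses (documentation ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules that limit the Consul ports
# named in this article to an allowlist of management sources.

# Ports from the article: 8500 (Data Aggregator / DA Proxy), 8900 (Performance Center).
CONSUL_PORTS="8500 8900"

# Accept only dotted-quad IPv4, octets <= 255, optional /0-32 prefix length.
valid_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    addr=${1%/*}
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Usage: gen_consul_rules SOURCE [SOURCE...]
# Emits iptables-restore style lines for the filter table's INPUT chain.
gen_consul_rules() {
    if [ "$#" -eq 0 ]; then
        echo "error: no allowed sources; refusing to emit drop-only rules" >&2
        return 1
    fi
    # Validate everything first so a bad entry never yields a partial rule set.
    for src in "$@"; do
        valid_cidr "$src" || { echo "error: invalid source '$src'" >&2; return 1; }
    done
    for port in $CONSUL_PORTS; do
        echo "-A INPUT -i lo -p tcp --dport $port -j ACCEPT"   # local agents
        for src in "$@"; do
            echo "-A INPUT -p tcp -s $src --dport $port -j ACCEPT"
        done
        echo "-A INPUT -p tcp --dport $port -j DROP"           # everyone else
    done
}

# Constructed sources (RFC 5737 documentation ranges); substitute your own.
gen_consul_rules 192.0.2.0/24 198.51.100.10
```

Rules are evaluated in order, so these lines must sit above any broader ACCEPT rule in the INPUT chain.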

Additional Information

https://www.cvedetails.com/cve/CVE-2019-9764/

https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=31761