ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

The version of Java version in R12.52SP1CR10 of webagent show vulnerabilities

book

Article ID: 145729

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

As per the customer's security assessment team , It was identified that in the R12.52SP1CR10 webagent is using outdated java and requested to use the latest version of Java in the webagent.

Customer is requesting to provide the latest version of java in the R12.52SP1CR10 webagent builds.

 

Cause

The R12.52 SP1 CR-xx Web Agents install/uninstall use the version of Java that was the latest available at the time the Agent was created.

Environment

Release : 12.52

Component : SITEMINDER -WEB AGENT

Resolution

The version of JAVA installed by the SiteMinder Web Agents during the install process is not used for "Run-Time" functionality, and can be removed from the system following the install/upgrade.

If you plan to uninstall the Agent, you will need to replace this version of JAVA, and perform the uninstall. If you instead perform an upgrade, you will not have any issues, since the new Agent install will use it's version of JAVA to perform the upgrade of the R12.52 SP1 CR-10 Agent.