ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
The version of Java version in R12.52SP1CR10 of webagent show vulnerabilities
Article ID: 145729
CA Single Sign On Agents (SiteMinder)CA Single Sign On Federation (SiteMinder)CA Single Sign On SOA Security Manager (SiteMinder)SITEMINDERCA Single Sign On Secure Proxy Server (SiteMinder)
As per the customer's security assessment team , It was identified that in the R12.52SP1CR10 webagent is using outdated java and requested to use the latest version of Java in the webagent.
Customer is requesting to provide the latest version of java in the R12.52SP1CR10 webagent builds.
The R12.52 SP1 CR-xx Web Agents install/uninstall use the version of Java that was the latest available at the time the Agent was created.
Release : 12.52
Component : SITEMINDER -WEB AGENT
The version of JAVA installed by the SiteMinder Web Agents during the install process is not used for "Run-Time" functionality, and can be removed from the system following the install/upgrade.
If you plan to uninstall the Agent, you will need to replace this version of JAVA, and perform the uninstall. If you instead perform an upgrade, you will not have any issues, since the new Agent install will use it's version of JAVA to perform the upgrade of the R12.52 SP1 CR-10 Agent.