Is the Security Notice for CA Identity Manager code: CA20170921-01 affects integration with CA Single Sign On

Article Id: 16062

Status: Published

Updated On: 14-02-2018 07:51

Legacy Id: TEC1411422

Products:

CA Identity Manager , CA Identity Governance , CA Identity Portal , CA Risk Analytics , CA Secure Cloud SaaS - Arcot A-OK (WebFort) , CA Secure Cloud SaaS - Advanced Authentication , CA Secure Cloud SaaS - Identity Management , CA Secure Cloud SaaS - Single Sign On

Issue/Introduction:

The Security Notice released on September 21, 2017 alerted customers of a potential risk with CA Identity Manager product within the CA Identity Suite. Does this security risk include integration when CA Identity Manager is used in conjunction with CA Single Sign On?

Ref:

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.html

Environment:

Release: CAIDMB99000-12.6.8-Identity Manager-B to B
Component:

Resolution:

No, the security risk does not affect CA Identity Manager when used in conjunction with CA Single Sign On since CA Identity Manager is no longer providing the authentication. The authentication is being provided with CA Single Sign On where this product does not pose a risk .However, CA recommends to install the patch as a best practice.