
Apache Vulnerabilities on Siteminder Access Gateway


Article ID: 187471


Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) SITEMINDER

Issue/Introduction

SiteMinder Access Gateway (previously known as Secure Proxy Server (SPS)) is bundled with the following versions of the Apache web server:

Access Gateway r12.7.1:
-> Apache 2.4.27

Access Gateway r12.7.2:
-> Apache 2.4.29

Access Gateway r12.8.2:
-> Apache 2.4.37

Access Gateway r12.8.3:
-> Apache 2.4.39

Cause

The Apache Web Server builds bundled with Access Gateway carry a number of published vulnerabilities, many of them in the modules shipped with those builds. The CVEs below are grouped by the bundled Apache version they apply to.

Apache 2.4.29

CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name

CVE-2018-1283 (mod_session): Tampering of mod_session data for CGI applications

CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request

CVE-2018-1312 (mod_auth_digest): Weak Digest auth nonce generation in mod_auth_digest

CVE-2019-0211: Apache HTTP Server privilege escalation from modules' scripts

CVE-2019-0217 (mod_auth_digest): mod_auth_digest access control bypass

CVE-2019-0220: Apache httpd URL normalization inconsistency

CVE-2019-10092 (mod_proxy): Limited cross-site scripting in mod_proxy error page

CVE-2019-10098 (mod_rewrite): mod_rewrite potential open redirect

CVE-2018-17199 (mod_session_cookie): mod_session_cookie does not respect expiry time

Apache 2.4.37

CVE-2019-0211: Apache HTTP Server privilege escalation from modules' scripts

CVE-2019-0215 (mod_ssl): mod_ssl access control bypass

CVE-2019-0217 (mod_auth_digest): mod_auth_digest access control bypass

CVE-2019-0220: Apache httpd URL normalization inconsistency

CVE-2019-10092 (mod_proxy): Limited cross-site scripting in mod_proxy error page

CVE-2019-10097 (mod_remoteip): mod_remoteip stack buffer overflow and NULL pointer dereference

CVE-2019-10098 (mod_rewrite): mod_rewrite potential open redirect

Apache 2.4.39

CVE-2019-10092 (mod_proxy): Limited cross-site scripting in mod_proxy error page

CVE-2019-10098 (mod_rewrite): mod_rewrite potential open redirect

Environment

Release: r12.7.1; r12.7.2; r12.8; r12.8.1; r12.8.2; r12.8.3

Component: SITEMINDER - Access Gateway

Resolution

Apache on Access Gateway needs to be upgraded to Apache 2.4.41. The upgrade is delivered through the following defects:

DE442493: Upgrades Apache on Access Gateway to 2.4.41 on Windows Server

DE438801: Upgrades Apache on Access Gateway to 2.4.41 on Linux
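As an added check (not part of this article or of the product), the POSIX shell functions below read the banner line that `httpd -v` prints and report whether the build is still below the 2.4.41 level the resolution calls for; the location of the Access Gateway httpd binary is not assumed, so the banner is passed in by the caller.

```shell
#!/bin/sh
# Added example, not from the KB article: classify an Apache httpd build
# against the 2.4.41 level that the resolution section requires.

FIXED_VERSION="2.4.41"

# Extract "2.4.37" from a banner such as "Server version: Apache/2.4.37 (Unix)".
# Prints nothing when the line is not an Apache version banner.
apache_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^Server version: Apache\/\([0-9][0-9.]*\).*/\1/p'
}

# Succeed (status 0) when dotted version $1 is strictly lower than $2.
# Fields are compared numerically, so 2.4.9 sorts below 2.4.41.
version_lt() {
    [ "$1" = "$2" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$lowest" = "$1" ]
}

# Print AFFECTED, OK or UNKNOWN for one banner line.
# Typical call on a gateway host: apache_status "$(httpd -v | head -n 1)"
apache_status() {
    v=$(apache_version_from_banner "$1")
    if [ -z "$v" ]; then
        echo "UNKNOWN"
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "AFFECTED"
    else
        echo "OK"
    fi
}
```

On Windows hosts the same banner is obtained from `httpd.exe -v` and can be pasted into `apache_status` from any POSIX shell.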