ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Ghostcat Patch for Access Gateway

book

Article ID: 188128

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


We're running a CA Access Gateway (SPS) and we'd like to know if version 12.52

is also affected by the GhostCat vulnerability ?

Environment


CA Access Gateway (SPS) 12.52SP1CR01 on RedHat 6

Resolution


At first glance, CA Access Gateway (SPS) 12.52 is out of support as

per notice here :

  CA Single Sign-On r12.52 End of Service Announcement

    CA Technologies is continually working to improve our software and
    services to best meet the needs of our customers. In accordance with
    the CA Support Policy and Terms available at
    https://casupport.broadcom.com, please consider this email your
    written notification that we are discontinuing technical support for
    CA Single Sign-on 12.52 (including all Service Packs and Cumulative
    Releases) effective February 28, 2019.

    This End of Service plan refers to CA Single Sign-On which includes
    these components:

    CA Single Sign-On Access Gateway (previously Secure Proxy Server)

  https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2017/ca-single-sign-on-r12-52-end-of-service-announcement.html?r=2

and as such you have to upgrade CA Access Gateway (SPS) to get the
service patched against the vulnerability CVE-2020-1938.