Ghostcat Patch for Access Gateway
Article ID: 188128
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On Agents (SiteMinder)
CA Single Sign On Federation (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
SITEMINDER
Issue/Introduction
We're running a CA Access Gateway (SPS) and we'd like to know if version 12.52
is also affected by the GhostCat vulnerability ?
Environment
CA Access Gateway (SPS) 12.52SP1CR01 on RedHat 6
Resolution
At first glance, CA Access Gateway (SPS) 12.52 is out of support as
per notice here :
CA Single Sign-On r12.52 End of Service Announcement
CA Technologies is continually working to improve our software and
services to best meet the needs of our customers. In accordance with
the CA Support Policy and Terms available at
https://casupport.broadcom.com, please consider this email your
written notification that we are discontinuing technical support for
CA Single Sign-on 12.52 (including all Service Packs and Cumulative
Releases) effective February 28, 2019.
This End of Service plan refers to CA Single Sign-On which includes
these components:
CA Single Sign-On Access Gateway (previously Secure Proxy Server)
https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2017/ca-single-sign-on-r12-52-end-of-service-announcement.html?r=2
and as such you have to upgrade CA Access Gateway (SPS) to get the
service patched against the vulnerability CVE-2020-1938.
Feedback
Yes
No
Powered by
