search cancel

PAM protection against Buffer Overflow and similar vulnerabilities

book

Article ID: 189006

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Is PAM protected against the Buffer Overflow and similar vulnerabilities?

Environment

Product: Layer 7 Privileged Access Manager.
Version: 3.x

Resolution

Most components of the code verify the following topics to avoid attacks like buffer overflow and others:

  • Value data types are honored.
  • Numeric values are in the expected range. 
  • Special characters which are permitted in names and the like, are escaped when necessary.
  • Other checks to avoid data overwriting.

Anyway, as PAM uses Java and MySQL, it may also be affected by java vulnerabilities or MySQL vulnerabilities.
In case you detect any vulnerability of this kind, or of any other kind, please open a support case defining it, to get it solved as soon as possible.

Additional Information

See also: