ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Potential security vulnerability in AXA SDK (data leakage)
Article ID: 198175
CA Application Experience Analytics SaaS (AXA)
We received the following security report about a potential vulnerability in the app which is related to the AXA SDK.
Could you confirm whether the configuration data included in the cordova_camdo.plist file can be used to access sensitive information on the AXA servers? If so, what is the remediation process to make the data contained in cordova_camdo.plist secure?
Release : SAAS
The fix for this issue is currently targeted for the upcoming 20.2 on-prem release and 20.8 SaaS update.