Potential security vulnerability in AXA SDK (data leakage)

book

Article ID: 198175

calendar_today

Updated On:

Products

CA Application Experience Analytics SaaS (AXA)

Issue/Introduction

We received the following security report about a potential vulnerability in the app which is related to the AXA SDK.

Could you confirm whether the configuration data included in the cordova_camdo.plist file can be used to access sensitive information on the AXA servers? If so, what is the remediation process to make the data contained in cordova_camdo.plist secure?



Environment

Release : SAAS

Component : 

Resolution

The fix for this issue is currently targeted for the upcoming 20.2 on-prem release and 20.8 SaaS update.