Vulnerability CVE-2015-9251 and CVE-2019-11358

book

Article ID: 198715

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

Vulnerability CVE-2015-9251 and CVE-2019-11358 was detected during a vulnerability scan.

Recommended fix it to upgrade jquery.min.js to version 3.4.0.

Cause

The installed version of jquery.min.js is 2.2.4

Environment

Release : 14.2 / 14.3

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Resolution

At this time sustaining engineering is not planning on resolving the vulnerability as it will require an overhaul of the code within the application. The vulnerability will be evaluated against 14.4 and the latest CP of 14.3.