Product: CA Service Catalog
Access the URL "http://<catalogserver>/usm/documents"
A prompt is presented asking for credentials, which could allow an attacker to use brute-force methods to gain access to the system.
Release : 17.3
Component : CA SERVICE CATALOG
The Information Security team has reported a security issue in CA Catalog: services are exposed to the Internet.
This behavior (a popup asking for credentials) was considered a security issue by the security team, since an attacker can use the popup to gain unauthorized access to our environment through brute-force techniques.
I wanted to inform you that a new defect (DE57634) has been raised for this issue and the Engineering team is working on it.
Please be on the lookout for our proactive notifications and release notes which will also provide information about the defect fixes that are released.
Article title: How to register to Broadcom Software Product updates and Critical Alerts
https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=133819
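Until the defect fix is released, repeated failed logins against the exposed prompt can be watched for in the web access log. The following is an added example, not code from this article or from Broadcom: it flags source addresses that accumulate HTTP 401 responses on `/usm/documents` within a short window. It assumes Common Log Format access-log lines in chronological order; the threshold, window and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: the web tier in front of Service Catalog writes Common Log Format lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
PROTECTED_PREFIX = "/usm/documents"   # path named in the article
THRESHOLD = 5                         # hypothetical: 401s tolerated per window
WINDOW = timedelta(minutes=1)         # hypothetical window size

def find_bruteforce_sources(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {ip: peak 401 count in any window} for sources at or over threshold."""
    recent = defaultdict(deque)       # ip -> timestamps of 401s still inside the window
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                  # skip lines that are not in the assumed format
        path = m["path"].split("?", 1)[0]
        on_path = path == PROTECTED_PREFIX or path.startswith(PROTECTED_PREFIX + "/")
        if m["status"] != "401" or not on_path:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:     # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), len(q))
    return peaks

def _line(ip, hhmmss, status):
    # Helper that builds one constructed Common Log Format line.
    return f'{ip} - - [12/Mar/2024:{hhmmss} +0000] "GET /usm/documents HTTP/1.1" {status} 381'

# Constructed sample: a normal login, a rapid burst of failures, and slow sparse failures.
SAMPLE_LOG = (
    [_line("203.0.113.7", "10:00:01", 401), _line("203.0.113.7", "10:00:09", 200)]
    + [_line("198.51.100.23", f"10:05:{s:02d}", 401) for s in range(0, 12, 2)]
    + [_line("192.0.2.50", f"10:{m:02d}:00", 401) for m in range(10, 20, 2)]
)

if __name__ == "__main__":
    print(find_bruteforce_sources(SAMPLE_LOG))
```

A browser's first unauthenticated request normally receives a single 401 before the user enters credentials, which is why the threshold is set above one.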