search cancel

Product Vulnerability - Outdated jQuery Library (Coding Flaw)

book

Article ID: 202567

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

A Penetration test has identified and It is recommended that the version of jQuery in use on CA Spectrum application be updated in order to mitigate the risk of publicly known vulnerabilities in jQuery affecting the target application.

Environment

Release : 10.4.2.1

Component : Spectrum Core / SpectroSERVER

Cause

We use jQuery in Service Desk Integration NIM (3.2.0.314) which is part of Spectrum 10.4.2.1.

Resolution

Jquery will be updated to 3.5.1 in November 2020 to be tracked under US709282: NIM Upgrade - SNOW-Paris and added to Spectrum in a future release.

Additional Information

Vulnerability for Jquery was validated here

 

 Jquery Vulnerability