The following vulnerable instances of Java are installed on the
remote host :
Path : D:\WAMUI\SiteMinder\adminui\runtime\bin\java.exe
Path : D:\WAMUI\SiteMinder\adminui\runtime\jre\bin\java.exe
Installed version : 1.8.0_144
Fixed version : 1.7.0_241 / 1.8.0_231 / 1.11.0_5 / 1.13.0_1
Is it possible to get a patch for the AdminUI?
Current Version of AdminUI:
ProductName=CA Single Sign-On Administrative Console
Release : 12.8.03
Component : SITEMINDER - AdminUI
Instructions provided for upgrading the AdminUI Java:
-Download the latest release of AdpoptOpenJDK 8.
-Stop the AdminUI process
-Backup and or tar runtime CA/siteminder/adminui/runtime
-Overwrite the current release of Java in 'runtime' with what was downloaded from AdpoptOpenJDK jdk8u275-b01
Please note that it is only valid to upgrade within the same major release of Java. In this instance, the 12.8.x AdminUI uses Java 1.8x, so this particular AdminUI can be upgraded to any newer 1.8 release of Java.