ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Vulnerability in Java JVM from install_config_jre folder in AdminUI
Article ID: 209251
Updated On:
Products
CA Single Sign On Federation (SiteMinder)
SITEMINDER
Issue/Introduction
Having installed the Policy Server and AdminUI 12.8SP2, an internal
Security Scan has detected the following JVM installation vulnerable:
For Siteminder Policy Server :
Path : /opt/CA/siteminder/install_config_info/install_config_jre/
Installed version : 1.8.0_131
Fixed version : 1.7.0_221 / 1.8.0_211 / 1.11.0_3 / 1.12.0_1
The JVM should be upgraded to 1.8.0_211.
For AdminUI vulnerability detected is below :
Path : /opt/CA/siteminder/adminui/install_config_info/install_config_jre/
Installed version : 1.8.0_51
Fixed version : 1.7.0_221 / 1.8.0_211 / 1.11.0_3 / 1.12.0_1
The JVM should be upgraded to 1.8.0_211 too.
How to upgrade those versions to the 8.0_211 version of Java to
remediate the vulnerabilities?
Resolution
At first glance, those JVM installations are only used for the
installation phase of the product and they aren't in usage further as
reported for the Web Agent (1) too.
So the solution to avoid the scanning of the file system telling that
the installer JVM is vulnerable is:
- Tarball the following repositories, and archive
them :
ca-wa-uninstall/
install_config_jre/
This will have no impact on the AdminUI functionalities.
Additional Information
Feedback
Yes
No
Powered by
