CVE-2021-28375 relevance for PAM and Threat Analytics

book

Article ID: 220680

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

We were notified of CVE-2021-28375 and are required to check on vulnerable Linux servers. We know that both PAM and Threat Analytics appliances run on Linux kernels. Are they vulnerable?

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

PAM and Threat Analytics run kernel versions that are not affected. Also, both are closed appliances that do not serve interactive user sessions, and the vulnerability isn't a concern for that reason.