ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Log4j 2.17 embedded in Siteminder component


Article ID: 236904


Updated On:


SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder)



Which version of CA Access Gateway (SPS) has embedded log4J 2.17 or
latest which will not require any mitigations for SSO & Access Gateway




Log4j 2.17 is already provided in all the Siteminder component
12.8SP6a (1).

Download CA Access Gateway (SPS) 12.8SP6a are available (2).
Download AdminUI and Policy Server 12.8SP6a are available (3).


Additional Information



    Change to Existing Features in 12.8.06a

      | Third-party Component | CVE Resolved                              |
      | Apache log4j 2.17.1   | CVE-2021-44228, CVE-2021-44832, CVE-2021- |
      |                       | 45046, CVE-2021-45105                     |


    SSO ACCESS GATEWAY R12.8 SP06a [#2658]


    SSO POLICYSERVER R12.8 SP06a [#2658]