search cancel

CVE-2022-3786 | CVE-2022-3602 for CA Service Operations Insight 4.x, Application Delivery Analysis(ADA) 11.1.3 and Capacity Manager 2.9.4

book

Article ID: 253242

calendar_today

Updated On:

Products

CA Service Operations Insight (SOI) CA Application Delivery Analysis (NetQoS / ADA) CA Capacity Manager

Issue/Introduction

CVE-2022-3786 | CVE-2022-3602 was published in the National Vulnerability Database on November 1st, 2022. 

The vulnerability is caused with the use of OpenSSL versions 3.0 and above.

Are these products impacted? 

CA Service Operations Insight 4.x (SOI)

Application Delivery Analysis(ADA) 11.1.3

Capacity Manager 2.9.4

Environment

CA Service Operations Insight 4.x (SOI)

Application Delivery Analysis(ADA) 11.1.3

Capacity Manager 2.9.4

Cause

The vulnerability is caused with the use of OpenSSL versions 3.0 and above.

The below products are not impacted.

CA Service Operations Insight 4.x (SOI)

Application Delivery Analysis(ADA) 11.1.3

Capacity Manager 2.9.4

Resolution

The products SOI/ADA/CAPMAN do not use a vulnerable version of OpenSSL and therefore are NOT impacted by this vulnerability.

The below products are not impacted.

CA Service Operations Insight 4.x (SOI)

Application Delivery Analysis(ADA) 11.1.3

Capacity Manager 2.9.4