
SSL vulnerability under port 6844 (SdmConnectorService.exe)


Article ID: 255617


Updated On:

Products

CA Spectrum

Issue/Introduction

A vulnerability scanner detected the following vulnerabilities on SdmConnectorService.exe, which listens on TCP port 6844:

CVE-2004-2761
CVE-2016-2183
CVE-2013-2566, CVE-2015-2808

The Spectrum release is 21.2.8

How can this be remediated?

Environment

Release : 21.2

Cause

This problem affects Spectrum releases prior to 21.2.12.

The issue is caused by the CAPKI library version and the certificates used for communication between the Secure Domain Manager (SDM) and the Secure Domain Connector (SDC).

The issue is addressed in Spectrum 21.2.12 and later.

Resolution

This problem has been remediated in Spectrum release 21.2.12. The following is an extract from the 21.2.12 Release Notes:

IMPORTANT!!!

The only way to remediate the vulnerability is upgrading Spectrum.
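
To confirm that the upgrade closed the findings, the scan of port 6844 can be repeated and its output checked for the weaknesses behind the listed CVEs (RC4 suites, DES/3DES suites, an MD5-signed certificate, per the public CVE descriptions). The following is an added example, not Broadcom code; it assumes text in the shape of `nmap --script ssl-enum-ciphers,ssl-cert -p 6844 <host>` output, and the sample input and host name are constructed.

```python
import re

# CVE groups listed in this article, keyed by the weakness a scanner reports.
FINDINGS = {
    "rc4": ("CVE-2013-2566", "CVE-2015-2808"),  # RC4 cipher suites
    "des": ("CVE-2016-2183",),                  # DES/3DES suites (SWEET32)
    "md5_cert": ("CVE-2004-2761",),             # MD5-signed certificate
}
CIPHER_LINE = re.compile(r"^\|\s+(TLS_[A-Z0-9_]+)\b")
SIGALG_LINE = re.compile(r"Signature Algorithm:\s*(\S+)")

def audit_scan(text):
    """Map each of the article's CVEs to the scan evidence that triggers it."""
    hits = {}
    for line in text.splitlines():
        cipher = CIPHER_LINE.match(line)
        sigalg = SIGALG_LINE.search(line)
        kinds = []
        if cipher and "_RC4_" in cipher.group(1):
            kinds.append(("rc4", cipher.group(1)))
        if cipher and re.search(r"_3?DES_", cipher.group(1)):
            kinds.append(("des", cipher.group(1)))
        if sigalg and sigalg.group(1).lower().startswith("md5"):
            kinds.append(("md5_cert", sigalg.group(1)))
        for kind, evidence in kinds:
            for cve in FINDINGS[kind]:
                if evidence not in hits.setdefault(cve, []):
                    hits[cve].append(evidence)
    return hits

# Constructed sample input (not captured from a real Spectrum host).
SAMPLE_BEFORE = """\
| ssl-cert: Subject: commonName=sdc.example.test
| Signature Algorithm: md5WithRSAEncryption
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 1024) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 1024) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 1024) - A
"""
SAMPLE_CLEAN = """\
| Signature Algorithm: sha256WithRSAEncryption
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
"""

if __name__ == "__main__":
    for cve, evidence in sorted(audit_scan(SAMPLE_BEFORE).items()):
        print(cve, "reported because of", ", ".join(evidence))
```

An empty result from `audit_scan` on a post-upgrade scan means none of the listed findings should reappear for that port.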

Additional Information

Installing and Upgrading to 22.2.4

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/spectrum/22-2/installing-and-upgrading.html

DX/CA Spectrum Upgrade Path

https://knowledge.broadcom.com/external/article/136964/dxca-spectrum-upgrade-path.html
