CVE-2023-25690 was published in the National Vulnerability Database March 7th, 2023.
Further information can be found at https://nvd.nist.gov/vuln/detail/CVE-2023-25690
The vulnerability is caused with the use of Apache HTTP Server versions 2.4.0 through 2.4.55
CA Service Management 17.3
All Supported Operating Systems
CA Service Desk Manager is NOT vulnerable.
For xFlow, follow the below steps to remediate the vulnerability:
1. Stop the xFlow services
2. Search for the folder 'Apache24' under the xFlow root installation folder (i.e. C:\Program Files\CA\xFlow) and delete it
3. Restart the xFlow services