CVE-2023-25690
search cancel

CVE-2023-25690

book

Article ID: 262591

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager CA Service Desk Manager CA Service Desk Manager

Issue/Introduction

CVE-2023-25690 was published in the National Vulnerability Database March 7th, 2023.

Further information can be found at https://nvd.nist.gov/vuln/detail/CVE-2023-25690

The vulnerability is caused with the use of Apache HTTP Server versions 2.4.0 through 2.4.55

Environment

CA Service Management 17.3

All Supported Operating Systems

Resolution

CA Service Desk Manager is NOT vulnerable.

For xFlow, follow the below steps to remediate the vulnerability:

1.  Stop the xFlow services

2.  Search for the folder 'Apache24' under the xFlow root installation folder (i.e. C:\Program Files\CA\xFlow) and delete it

3.  Restart the xFlow services