A vulnerability scan on a CA Service Catalog host reveals that the installation of AngularJS is no longer supported.

Lack of support implies that no new security patches will be released for the detected version and it is likely to contain security vulnerabilities.

CA Service Catalog 17.3 and 17.4

All Supported Operating Systems

The Service Catalog Engineering team has researched this reported vulnerability with AngularJS.

In internal scans, AngularJS is not vulnerable and currently there are no high and critical vulnerabilities in AngularJS.

In general, scanning tools will suggest upgrading from AngularJS to Angular because its EOS from Google.

However Broadcom has extended support and Broadcom currently does not have any plans to migrate to Angular.

We can assure you that there is no vulnerability in the current version of AngularJS that is being used.

If there is any particular vulnerability that is either critical or high, Broadcom will work with our third-party team to address the vulnerability.

FYI - Angular has not been upgraded in the latest 17.4 release.