Vulnerability in Apache HTTP Server 2.4.64 and older in Siteminder Sharepoint Agent 12.8.x

Article ID: 407361

Products

CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction

The Siteminder Agent for Sharepoint r12.8.x ships bundled with an instance of Apache HTTP Server.  The following is a list of Apache HTTP Server versions by Siteminder Agent for Sharepoint version:

Agent for Sharepoint r12.8.7:     Apache HTTP Server 2.4.54
Agent for Sharepoint r12.8.8:     Apache HTTP Server 2.4.58

A number of Common Vulnerabilities and Exposures (CVEs) have been published for Apache HTTP Server 2.4.64 and older. These CVEs are remediated in Apache HTTP Server 2.4.65.

For Apache HTTP Server on Siteminder Access Gateway, see the following KB's:

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.8.8.1 and Older

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.9

Environment

PRODUCT: SiteMinder

COMPONENT: Agent for Sharepoint

VERSION: 12.8.7 & 12.8.8

OPERATING SYSTEM: ANY

Cause

The following CVE was published for Apache HTTP Server 2.4.64:

CVE-2025-54090: Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64

SEVERITY: Moderate

DESCRIPTION: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

IMPACTED: 2.4.64

REMEDIATED: 2.4.65

There are CVE's published for HTTP Server 2.4.63 and older as well.  CVE's are referenced in "Additional Information" below.

Resolution

This solution only applies to Apache HTTP Server on the Sharepoint Agent r12.8.x.  For Apache on Siteminder Access Gateway, review the following KB's:

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.8.8.1 and Older

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.9

How to Verify the version of Apache HTTP Server Installed on Siteminder Agent for Sharepoint

 

WINDOWS

1. Stop the running Sharepoint Agent

2. Using File Explorer, navigate to the Sharepoint Agent installation directory

Default: <Install_Dir>\CA\Agent-for-SharePoint\

3. Back-up the original '\httpd' directory <httpd_orig>

<Install_Dir>\CA\Agent-for-SharePoint\httpd

4. Unzip the attached "httpd_2465_win64_128801andBelow.zip" and copy the 'httpd' folder to <Install_Dir>\CA\Agent-for-SharePoint\

5. Copy the '\conf' directory from the original "<httpd_orig>\conf" into <Install_Dir>\CA\Agent-for-SharePoint\httpd

6. Copy the 'configssl.bat' file from the original "<httpd_orig>\bin" into <Install_Dir>\CA\Agent-for-SharePoint\httpd\bin

8. Upgrade to OpenSSL 1.0.2zl as per KB385668: Vulnerabilities in OpenSSL 1.0.2zk and Older on Siteminder Access Gateway r12.8.x

9. Start the Sharepoint Agent


LINUX

1. Stop the running Sharepoint Agent

2. Navigate to the Sharepoint Agent installation directory 

Default: <Install_Dir>/CA/Agent-for-SharePoint/

3. Back-up the original '/httpd' directory <httpd_orig>

<Install_Dir>/CA/Agent-for-SharePoint/httpd

4. Unzip the attached 'httpd_2465_linux_1280801andBelow.zip' file and copy the '/httpd' folder to <Install_Dir>/CA/Agent-for-SharePoint/

5. Copy the following files from the original <httpd_orig> into <Install_Dir>/CA/Agent-for-SharePoint/

cp -r httpd_orig/conf  httpd/
cp httpd_orig/bin/apachectl httpd/bin/
cp httpd_orig/bin/apr-1-config  httpd/bin/
cp httpd_orig/bin/apu-1-config httpd/bin/
cp httpd_orig/bin/apxs httpd/bin/
cp httpd_orig/bin/envvars httpd/bin/
cp httpd_orig/bin/envvars-std  httpd/bin/

6. Upgrade to OpenSSL 1.0.2zl as per KB385668: Vulnerabilities in OpenSSL 1.0.2zk and Older on Siteminder Access Gateway r12.8.x

7. Start the Sharepoint Agent
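
A post-upgrade check for the LINUX procedure above, added here as an example (it is not part of the original article or of any Broadcom tooling): it compares the `httpd -v` banner against 2.4.65 and confirms that the step 5 files match the backup. The `bin/httpd` location and the script name are assumptions.

```shell
#!/bin/sh
# Added example: verify the LINUX upgrade steps. Not vendor-supplied code.
FIXED="2.4.65"   # release the article lists as remediated

# Files that step 5 copies from <httpd_orig> into the new httpd directory.
CARRIED="bin/apachectl bin/apr-1-config bin/apu-1-config bin/apxs bin/envvars bin/envvars-std"

# Extract "2.4.x" from an `httpd -v` banner such as
# "Server version: Apache/2.4.58 (Unix)".
banner_version() {
    printf '%s\n' "$1" | sed -n 's|.*Apache/\([0-9][0-9.]*\).*|\1|p' | head -n 1
}

# Return 0 when version $1 >= version $2, comparing dotted fields numerically
# (so 2.4.100 sorts above 2.4.65, which a plain string compare gets wrong).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Print each step-5 item that is missing from, or differs in, the new tree.
# $1 = backup directory (<httpd_orig>), $2 = new httpd directory.
missing_carryover() {
    [ -d "$2/conf" ] && diff -rq "$1/conf" "$2/conf" >/dev/null 2>&1 || echo "conf"
    for f in $CARRIED; do
        cmp -s "$1/$f" "$2/$f" || echo "$f"
    done
}

# Usage: sh check_httpd.sh <httpd_orig> <new_httpd>
if [ "$#" -eq 2 ]; then
    # Assumption: the server binary is at bin/httpd inside the new directory.
    v=$(banner_version "$("$2/bin/httpd" -v 2>/dev/null)")
    if version_ge "${v:-0}" "$FIXED"; then
        echo "httpd $v: at or above $FIXED"
    else
        echo "httpd ${v:-unknown}: below $FIXED"
    fi
    missing_carryover "$1" "$2" | sed 's/^/not carried over: /'
fi
```

Run it before starting the agent; any "not carried over" line means the new tree is still using the configuration or scripts shipped in the zip rather than the site's own.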

Additional Information

How to Verify the version of Apache HTTP Server Installed on Siteminder Agent for Sharepoint

KB385668: Vulnerabilities in OpenSSL 1.0.2zk and Older on Siteminder Access Gateway r12.8.x

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.8.8.1 and Older

Vulnerability in Apache 2.4.64 and older in Siteminder Access Gateway r12.9

Apache HTTP Server 2.4 vulnerabilities

Upgrading to Apache HTTP Server 2.4.64 will remediate the following CVE's:

CVE-2025-54090
CVE-2024-42516
CVE-2024-43204
CVE-2024-43394
CVE-2024-47252
CVE-2025-23048
CVE-2025-49630
CVE-2024-49812
CVE-2024-40898
CVE-2024-40725
CVE-2023-38709
CVE-2024-36387
CVE-2024-24795
CVE-2024-27316
CVE-2023-31122
CVE-2023-43622
CVE-2023-45802
CVE-2023-25690
CVE-2023-27522
CVE-2006-20001
CVE-2022-36760
CVE-2022-37436
CVE-2022-26377
CVE-2022-28330
CVE-2022-28614
CVE-2022-28615
CVE-2022-29404
CVE-2022-30522
CVE-2022-30556
CVE-2022-31813
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
CVE-2021-44224
CVE-2021-44790
CVE-2021-42013
CVE-2021-41524
CVE-2021-41773
CVE-2021-33193
CVE-2021-34798
CVE-2021-36160
CVE-2021-39275
CVE-2021-40438
CVE-2019-17567
CVE-2020-13938
CVE-2020-13950
CVE-2020-35452
CVE-2021-26690
CVE-2021-26691
CVE-2021-30641
CVE-2021-31618
CVE-2020-11984
CVE-2020-11993
CVE-2020-9490

Attachments

httpd_2465_linux_1280801andBelow.zip
httpd_2465_win64_128801andBelow.zip