Unicenter TNG Utilities Multiple Remote Buffer Overflow Vulnerabilities


Article ID: 32094


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



A Vulnerability Scan has detected and reported a vulnerability similar to this:

38429 CA (Computer Associates) Unicenter TNG Utilities Multiple Remote Buffer Overflow Vulnerabilities. 
This is also associated to 



Can occur in 12.5 and 12.6 versions of Identity Manager.



The Remote Buffer Overflow vulnerability is a known problem that occurs in CAM, which is used with the Provisioning Server. A fix is included in CAM 1.14 build 1, however the scan may still report the vulnerability even when CAM 1.14 build 1 is installed. In most cases the reported vulnerability should be considered a false alarm (see Resolution below).



The vulnerability is fixed in CAM 1.14 build 1. 

1. Verify the CAM version by running camstat at the command prompt on the Provisioning Server.

The output of camstat will look something like this.

CAM - Version 1.14 (Build 1) 

2. If your current CAM version is 1.14 (Build 1) there is no further action required and the vulnerability reported by the scan should be ignored as a false alarm.

If your CAM version is lower than 1.14 Build 1 you may need to upgrade, though all current versions of Identity Manager should have 1.1.4 build 1. Please contact Support for assistance if camstat does not show CAM - Version 1.14 (Build 1).


Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente


Please Update This Required Field