Admin UI Runtime Java vulnerabilities

Document ID : KB000126440
Last Modified Date : 08/02/2019
Show Technical Document Details
Question:
Single Sign-On (FKA Siteminder) Admin UI 12.8 comes shipped with 1.8.0_144 runtime Java. Security scans say I need at least java 1.8 update 191 or above to mitigate the vulnerabilities.  What version of Admin ui comes with runtime Java 1.8 update 191 or above?
Environment:
Windows and Linux
Admin ui 12.8 and 12.8 SP1
Answer:
Both Admin UI 12.8 and 12.8 SP1 use runtime java version 1.8.0-144.

Admin UI Release 12.8 SP2 contains runtime java 1.8 update 202.

[root@bin]# cat /opt/ca/siteminder/adminui/install_config_info/*ver* 
ProductName=CA Single Sign-On Administrative Console
FullVersion=12.80.200.1992

[root@bin]# pwd 
/opt/ca/siteminder/adminui/runtime/bin 
[root@bin]# ./java -version 
java version "1.8.0_202" 
Java(TM) SE Runtime Environment (build 1.8.0_202-b08) 
Java HotSpot(TM) 64-Bit Server VM (build 25.202-b08, mixed mode)
Additional Information:
For more information about 12.8 SP2, please see the release notes link below:
https://docops.ca.com/ca-single-sign-on/12-8/en/release-notes/service-packs