Do Apache Struts (CVE-2018-11776) and GhostScript vulnerabilities affect PAM?

Document ID : KB000112322
Last Modified Date : 29/08/2018
Show Technical Document Details
Introduction:
Apache STRUTS (CVE-2018-11776) is an open-source web application framework for developing Java EE web applications. GhostScript is an “interpreter,” which is a program that converts programming languages into machine code that is understood by the computer, and executes the code. This feature is used in software suites to enable editing or viewing of documents, such as PDF or PostScript files.
Question:
Are CA PAM versions 2.8.4.1 and 3.2 vulnerable to Apache STRUTS (CVE-2018-11776) and the GhostScript vulnerability? 
Environment:
PAM 2.8 and 3.2
Answer:
PAM does not use STRUTS and is thus not affected, and also PAM is not impacted by the ghostscript vulnerabilities. - confirmed by CA Vulnerabilities Response Team.