API-Portal Vulnerability(CVE-2018-5390)

Document ID : KB000112495
Last Modified Date : 30/08/2018
Show Technical Document Details
Question:
Does API Portal take the influence of the security vulnerability? 
If so, is the fix included in the product? 

・CVE-2018-5390
Environment:
API Portal 3.1
API Portal 3.5
Answer:
Platform Update on August 2018 includes OS patches corresponding to CVE-2018-5390.
For the appliance version, please apply the following Platform Update.
https://support.ca.com/us/product-content/recommended-reading/technical-document-index/ca-api-gateway-solutions-and-patches.html

API Portal3.5:
CA_API_PlatformUpdate_64bit_v9.X-RHEL-2018-08-26.L7P

API Portal3.1:
CA_API_PlatformUpdate_64bit_v8.1-RHEL-2018-08-26.L7P