Security Notice for CA Spectrum

Document ID : KB000094815
Last Modified Date : 15/05/2018
Show Technical Document Details
CA20180501-01: Security Notice for CA Spectrum


CA Spectrum 10.1.x:
CA Spectrum 10.2.x:

CA Technologies Support is alerting customers to a potential risk with CA Spectrum. A vulnerability exists that can allow an unauthenticated remote attacker to cause a denial of service. CA has solutions to resolve the vulnerability.

The vulnerability, CVE-2018-6589, occurs due to how a Spectrum network service handles invalid data. A remote attacker can send a request that may disrupt a Spectrum service and potentially cause further product instability.

For additional information see the following link:

Also, patches are being built to address this issue for currently supported versions of Spectrum:

CA Spectrum 10.1.2:
Apply 10.01.02.PTF_10.1.239

CA Spectrum 10.2.2:
Apply 10.02.02.PTF_10.2.227