CA20140403-01: Security Notice for CA Erwin Web Portal

CA20140403-01: Security Notice for CA Erwin Web Portal

We published a new security notice today for CA Erwin Web Portal. Andrea Micalizzi aka rgod reported multiple directory traversal vulnerabilities, CVE-2014-2210, in Erwin Web Portal through HP’s Zero Day Initiative. The security notice has a cumulative risk rating of high….

CA20140218-01: Security Notice for CA 2E Web Option

CA20140218-01: Security Notice for CA 2E Web Option

On Tuesday, February 18, 2014, we published a new security notice for CA 2E Web Option.  This security notice addresses a publicly disclosed session prediction vulnerability affecting all supported versions of CA 2E Web Option.  We are not aware of…

CA20131024-01: Security Notice for CA SiteMinder

CA20131024-01: Security Notice for CA SiteMinder

On Thursday, October 24, 2013, we published a new security notice for SiteMinder to address a privately reported cross-site scripting vulnerability. We are not aware of any active exploitation in the wild at this time. See the notice below for…

CA20130725-01: Security Notice for CA Service Desk Manager

CA20130725-01: Security Notice for CA Service Desk Manager

We published a new security notice for CA Service Desk Manager today. The notice addresses a privately reported cross-site scripting vulnerability. There are no reports of attackers exploiting the vulnerability in the wild. See the notice below for fix information….

CA20130528-01: Security Notice for CA Process Automation (CA PAM)

CA20130528-01: Security Notice for CA Process Automation (CA PAM)

We published a new security notice today for products that use CA Process Automation. The notice addresses a high-risk remote code execution vulnerability. Remediation is available. See below for further information. CA20130528-01: Security Notice for CA Process Automation (CA PAM) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={2E258599-2A95-4D56-9C0C-BEFA4FB904FE}…

Update: CA20130213-01: Security Notice for CA ControlMinder

Update: CA20130213-01: Security Notice for CA ControlMinder

We published a new version of the following notice today. ControlMinder customers are urged to review the latest recommendations and release notes. CA20130213-01: Security Notice for CA ControlMinder https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={A6F2B559-F02D-4FCE-B3BF-C743219D4A27} Kevin Kotas Director, CA Technologies Product Vulnerability Response Team The opinions…

CA20130319-01: Security Notice for SiteMinder products using SAML

CA20130319-01: Security Notice for SiteMinder products using SAML

I published a new security notice today for SiteMinder products. The notice concerns a high risk set of vulnerabilities that deal with SAML. We are not currently aware of any exploitation of these vulnerabilities. Solutions are available.   CA20130319-01: Security Notice…

CA20130213-01: Security Notice for CA ControlMinder

CA20130213-01: Security Notice for CA ControlMinder

A new security notice for CA ControlMinder is now available. The notice concerns a publicly known and high risk vulnerability for the bundled JBoss Application Server. Fixes are available. See the notice below for more information. CA20130213-01: Security Notice for CA ControlMinder…