Issued: August 6, 2009
CA's technical support is alerting customers to a security risk with Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, and Unicenter Patch Management. The release of Tomcat as included with the products is potentially susceptible to a cross-site scripting vulnerability. CA has issued a solution to address the issue.
Unicenter Asset Portfolio Management 11.3
Unicenter Asset Portfolio Management 11.3.4
Unicenter Desktop and Server Management 11.2
Unicenter Patch Management 11.2
How to determine if the installation is affected
Customers can use the following technical documents to determine if an installation is affected.
|Unicenter Asset Portfolio Management||TEC492816|
|Unicenter Desktop and Server Management||TEC491323|
|Unicenter Patch Management||TEC491323|
Unicenter Asset Portfolio Management:
Follow the instructions in solution document RI09916.
Unicenter Desktop and Server Management,
Unicenter Patch Management:
Follow the instructions in technical document TEC491323.
Version 1.0: Initial Release
If additional information is required, please contact CA Support at http://support.ca.com/.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team.