management_console.war file should be removed from Single Sign-On 12.6.01 AdminUI

Idea created by Miharu_Toyama Employee on Mar 27, 2017
    Under review
    Score1
    • Miharu_Toyama

    management_console.war file is still placed in Single Sign-On 12.6.01 AdminUI (C:\CA\SiteMinder\adminui\server\default\deploy\iam_siteminder.ear. However it should be removed since it is not used by AdminUI.

     

    Although Apache Struts 1.x is placed in management_console.war in SiteMinder12.5x, Siteminder is not affected by Struts 1.x vulnerability since the management_console is not used in SiteMinder.

     

    Struts has been not present already in Third-Party Software Acknowledgments for 12.6.01.
    https://docops.ca.com/ca-single-sign-on/12-6-01/en/third-party-software-acknowledgments
    It has been present in Third-Party Software Acknowledgments for 12.5x.
    https://docops.ca.com/ca-single-sign-on/12-52-sp2/en/third-party-software-acknowledgments