I found this tecdoc:
but it didn't work with CA PAM 4.3.1 version.
Is there a new and updated tecdoc or procedure for this issue?
After further testing, what is exposed is not part of the SEAM framework, but a different vulnerability/exposure.
It seems to be part of the jboss_maindeployer, but I haven't been able to completely narrow this down. There is an earlier CVE that outlines this vulnerability exactly, however the JBoss versions listed are earlier versions than what is used for CA Process Automation - CVE-2008-3273 - So I am right now unable to determine exactly where the problem is coming from.
I do know, however, that this is no longer exposed in CA Process Automation version 4.3 SP02.
I would suggest first that you upgrade to 4.3 SP02.
If you require this to be resolved at the 4.3 SP01 level, then we will need to get an case opened, and follow this through with the engineering team. I cannot provide any information as to an ETA for a fix, so your best option is to upgrade the product where this is no longer an issue.
If you do open an issue for this rather than upgrading, please add to the issue to get the issue to the attention of the CA Process Automation team as we are aware of this.
Let us know what you decide.
Development addressed this issue within the code itself and this vulnerability is not present or exploitable in the 4.3+ releases
Well, in my case I'm able to access this url and read it's contents wich sould not be accessible whatsoever...
This possibility can be considered as a vulnerability, correct?
I just tested that URL in several lab systems and I cannot reach that page in any of my 4.3 SP2 environments, nor can i access that page at :8080/status?full=true or 8443/status?full=true, which are the ports my various LAB servers are installed on. I am looking for a sp1 to try this on, but I do not expect this to to have changed between sp1 and sp2.
What URL is Process Automation on,? Normally we do not use 8180.
Could that URL be returning another application?
Maybe a load balancer?
What do you get when you just go to http://10.0.82.85:8180 ?
I have tested this in 4.3 SP01 base install and I have found that the exposure does exist.
Let me run through the steps outlined in knowledge document to see if this is still exposed, and if so we can discuss from there further.
Retrieving data ...