BugTraq
CA20160627-01: Security Notice for Release Automation Jun 30 2016 03:27PM
Kotas, Kevin J (Kevin Kotas ca com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20160627-01: Security Notice for Release Automation

Issued: June 27, 2016
Last Updated: June 27, 2016

CA Technologies Support is alerting customers to multiple potential risks
with CA Release Automation. Three vulnerabilities exist that can allow a
remote attacker to potentially gain sensitive information or cause a
denial of service condition. CA has fixes available.

The first vulnerability, CVE-2015-7370, occurs due to the inclusion of a
vulnerable third-party component, Open Flash Chart. A remote attacker
can conduct cross-site scripting attacks. CA Technologies assigned a
Medium risk rating to this vulnerability.

The second vulnerability, CVE-2015-8698, occurs due to insufficient
verification of requests to the web server, which can lead to limited XML
external entity attacks. An authenticated attacker in the local network
can potentially gain sensitive information or cause a denial of service
condition. CA Technologies assigned a Medium risk rating to this
vulnerability.
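The advisory does not say which XML parser the web server uses or how the fix was implemented, so the following is an added, generic illustration of the mitigation for this vulnerability class, not CA's code. It uses Python's standard-library expat parser and refuses any document that carries a DOCTYPE, which removes both the external-entity (information disclosure) and entity-expansion (denial of service) vectors the advisory names. The sample requests are constructed for the example; the element names and the placeholder file path are assumptions.

```python
import xml.parsers.expat


class DtdRejected(ValueError):
    """Raised when a document carries a DOCTYPE (DTD) or references an external entity."""


def parse_without_dtd(data: bytes):
    """Parse XML with the stdlib expat parser while refusing any DTD.

    Rejecting the DOCTYPE up front removes both vectors named in the advisory:
    external entities (file/URL disclosure) and entity expansion (denial of service).
    Returns (root element name, concatenated character data)."""
    parser = xml.parsers.expat.ParserCreate()
    found = {"root": None, "text": []}

    def start_doctype(name, system_id, public_id, has_internal_subset):
        # Fires as soon as <!DOCTYPE ...> is seen, before any entity is declared or expanded.
        raise DtdRejected(f"DOCTYPE not allowed (name={name!r}, system id={system_id!r})")

    def external_entity(context, base, system_id, public_id):
        # Defence in depth: never resolve an external entity reference, whatever its source.
        raise DtdRejected(f"external entity reference not allowed (system id={system_id!r})")

    def start_element(name, attrs):
        if found["root"] is None:
            found["root"] = name

    def char_data(text):
        found["text"].append(text)

    parser.StartDoctypeDeclHandler = start_doctype
    parser.ExternalEntityRefHandler = external_entity
    parser.StartElementHandler = start_element
    parser.CharacterDataHandler = char_data
    parser.Parse(data, True)
    return found["root"], "".join(found["text"]).strip()


def is_rejected(data: bytes) -> bool:
    """True if the hardened parser refuses the document."""
    try:
        parse_without_dtd(data)
    except DtdRejected:
        return True
    return False


# Constructed sample requests (hypothetical element names), not taken from the advisory.
BENIGN = b"<deployment><name>release-42</name></deployment>"

# External entity pointing at a placeholder path: the shape of an XXE request.
EXTERNAL_ENTITY_DOC = (
    b'<!DOCTYPE d [<!ENTITY ext SYSTEM "file:///placeholder/path">]>'
    b"<deployment><name>&ext;</name></deployment>"
)

# Nested internal entities: the entity-expansion shape behind XML-based denial of service.
ENTITY_EXPANSION_DOC = (
    b'<!DOCTYPE d [<!ENTITY a "aaaaaaaa"><!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;">]>'
    b"<deployment><name>&b;&b;&b;&b;</name></deployment>"
)

if __name__ == "__main__":
    print(parse_without_dtd(BENIGN))            # ('deployment', 'release-42')
    print(is_rejected(EXTERNAL_ENTITY_DOC))     # True
    print(is_rejected(ENTITY_EXPANSION_DOC))    # True
```

Refusing the DOCTYPE outright is simpler and safer than trying to allow "harmless" internal DTDs: a request body from an application client has no legitimate reason to declare entities, and the same check stops the expansion-based denial of service without any entity-count heuristics.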

The third vulnerability, CVE-2015-8699, occurs due to insufficient
verification of requests to the web interface, which leads to multiple
reflected cross-site scripting vulnerabilities and one stored cross-site
scripting vulnerability. CA Technologies assigned a Medium risk rating to
these vulnerabilities.

Risk Rating

CVE Identifier   Risk     Vulnerable Releases
CVE-2015-7370    Medium   CA Release Automation versions prior to and including:
                          5.0.2-193, 5.5.1-1613, 5.5.2-409, 6.1.0-1004
CVE-2015-8698    Medium   CA Release Automation versions prior to and including:
                          5.0.2-193, 5.5.1-1613, 5.5.2-409, 6.1.0-1004
CVE-2015-8699    Medium   CA Release Automation versions prior to and including:
                          5.0.2-193, 5.5.1-1613, 5.5.2-409, 6.1.0-1004

Platform(s)

All platforms

Affected Products

CA Release Automation (formerly CA LISA Release Automation) prior to
and including 5.0.2-193, 5.5.1-1613, 5.5.2-409, 6.1.0-1004

How to determine if the installation is affected

Customers may check the build number of their RA installation at the
Help->About menu option at the ROC web application.

Customers may also determine which fixes are applied by looking at the
Fix_Maintenance directory.

Windows example:
C:\Program Files\CA\LISAReleaseAutomationServer\Fix_Maintenance

Linux, Solaris example:
/opt/LISAReleaseAutomationServer/Fix_Maintenance

If the installed product Fix build is less than the build number in the
below table, the installation is vulnerable.

Product release               Fix build
CA Release Automation 6.1.0   6.1.0-1026
CA Release Automation 5.5.1   5.5.1-1616
CA Release Automation 5.5.2   5.5.2-434
CA Release Automation 5.0.2   5.0.2-227
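The check above (read the build string from Help->About, compare its build number against the fix build for the same release line) is easy to get wrong across a fleet of servers, so here is an added example script that automates it. It is not CA's tooling; it only encodes the fix-build table from this notice. The build-string format "release-build" (for example 6.1.0-1004) is taken from the notice itself; the host names and installed builds in the sample inventory are constructed. A release line that the table does not cover is reported as unknown rather than guessed at.

```python
import re
from typing import Dict, Optional, Tuple

# First fixed build per release line, taken from the advisory's "Fix build" table.
FIX_BUILDS: Dict[str, int] = {
    "6.1.0": 1026,
    "5.5.1": 1616,
    "5.5.2": 434,
    "5.0.2": 227,
}

# Build strings look like "6.1.0-1004": a three-part release line and a build number.
BUILD_RE = re.compile(r"^(\d+\.\d+\.\d+)-(\d+)$")


def parse_build(build: str) -> Tuple[str, int]:
    """Split a Help->About build string into (release line, build number)."""
    match = BUILD_RE.match(build.strip())
    if not match:
        raise ValueError(f"unrecognised build string: {build!r}")
    return match.group(1), int(match.group(2))


def is_vulnerable(build: str) -> Optional[bool]:
    """True if the build is below the fix build for its release line, False if it is
    at or above it, None if the release line is not covered by the advisory's table.
    Only the build number is compared; the release line must match exactly."""
    release, number = parse_build(build)
    fix = FIX_BUILDS.get(release)
    if fix is None:
        return None
    return number < fix


def assess(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> verdict for a dict of host -> installed build string."""
    report = {}
    for host, build in inventory.items():
        release, _ = parse_build(build)
        verdict = is_vulnerable(build)
        if verdict is None:
            report[host] = f"UNKNOWN: release line {release} not in advisory table"
        elif verdict:
            report[host] = f"VULNERABLE: update to {release}-{FIX_BUILDS[release]} or later"
        else:
            report[host] = "FIXED"
    return report


# Constructed sample inventory (hypothetical host names), not from the advisory.
SAMPLE_INVENTORY = {
    "ra-prod-01": "6.1.0-1004",   # last affected 6.1.0 build named in the advisory
    "ra-prod-02": "6.1.0-1026",   # exactly the fix build
    "ra-stage-01": "5.5.2-409",
    "ra-dev-01": "5.0.2-300",
}

if __name__ == "__main__":
    for host, verdict in assess(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```

The comparison is deliberately per release line: a 5.5.2 server is judged against 5.5.2-434 only, never against the 6.1.0 fix build, because build numbers are not comparable across lines.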

Solution

CA Technologies has issued the following updates to address the
vulnerabilities.

CA Release Automation 6.1.0:
Update to CA Release Automation 6.1.0-1026 or later

CA Release Automation 5.5.1:
Update to CA Release Automation 5.5.1-1616 or later

CA Release Automation 5.5.2:
Update to CA Release Automation 5.5.2-434 or later

CA Release Automation 5.0.2:
Update to CA Release Automation 5.0.2-227 or later

References

CVE-2015-7370 - Open Flash Chart XSS
CVE-2015-8698 - Release Automation XXE
CVE-2015-8699 - Release Automation multiple XSS

Acknowledgement

CVE-2015-7370, CVE-2015-8698, CVE-2015-8699 -
Marcin Woloszyn, ING

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technologies
Support at https://support.ca.com/

If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team at vuln <AT> ca.com

Security Notices and PGP key
support.ca.com/irj/portal/anonymous/phpsbpldgpg
www.ca.com/us/support/ca-support-online/documents.aspx?id=177782

Regards,

Kevin Kotas
Vulnerability Response Director
CA Technologies Product Vulnerability Response Team

Copyright (c) 2016 CA. All Rights Reserved. One CA Plaza, Islandia,
N.Y. 11749. All other trademarks, trade names, service marks, and
logos referenced herein belong to their respective companies.

-----BEGIN PGP SIGNATURE-----
Charset: utf-8
-----END PGP SIGNATURE-----
