Layer7 API Management

Expand all | Collapse all

CA - PROACTIVE NOTIFICATION - APIGTW - ADVISORY - AAPIGTW-100704

  • 1.  CA - PROACTIVE NOTIFICATION - APIGTW - ADVISORY - AAPIGTW-100704

    Posted 09-21-2018 05:27 AM

    Are there any test steps for this advisory in order to prove the gateway is no longer vulnerable ?



  • 2.  Re: CA - PROACTIVE NOTIFICATION - APIGTW - ADVISORY - AAPIGTW-100704

    Posted 10-20-2018 12:23 AM

    As the vulnerability was at the OS level ensuring that the gateways have the latest platform patches will ensure that the gateways are protected. As for the attack vector, the following sites outline how to exploit this flaw: https://access.redhat.com/security/vulnerabilities/speculativeexecution  and Meltdown and Spectre 

     

    Sincerely,

     

    Stephen Hughes

    CA Support