Symantec SiteMinder Patch for CVE 2020-9484
16092
08 July 2020
08 July 2020
OPEN
High
7.0
To: Symantec SiteMinder (previously CA Single Sign-On) Customers
This notice is to alert you to the availability of patches and instructions regarding the vulnerability CVE-2020-9484 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484 and https://nvd.nist.gov/vuln/detail/CVE-2020-9484). This vulnerability is rated at 7.0 High Severity.
SiteMinder embeds Apache Tomcat in the SiteMinder Access Gateway and the SiteMinder Agent for SharePoint. Patches and deployment instructions for the following versions of these SiteMinder components are being made available via this location
When you reach that location, search on “9484” and you will find a link to deployment instructions and to the patches for each of these:
- Access Gateway (previously SPS) versions 12.7.01, 12.7.02, 12.8.02, 12.8.03
- Agent for SharePoint version 12.52 SP1 CR10
The recently released SiteMinder 12.8.04 Access Gateway has the patch already incorporated.
If you have questions please contact Broadcom Support:
https://www.broadcom.com/support/services-support/ca-support/contact-support?intcmp=footernav