Known Issues › Remote Code Execution Vulnerability in CA Process Automation

Remote Code Execution Vulnerability in CA Process Automation

Symptom:

CA Process Automation includes the JBoss Seam component, which contains a remote code execution vulnerability. We recommend you to disable and remove JBoss Seam from CA Process Automation.

By default, the following solution also disables the JBoss Admin Console. If the Admin Console is needed, the instructions can be reversed.

Solution:

Follow these steps:

1. Log in to the CA Process Automation server.
2. Stop the CA Process Automation service.
3. Delete the contents of the following directories:
   • <PAM_Home>\server\c2o\.tmp
   • <PAM_Home>\server\c2o\temp
   • <PAM_Home>\server\c2o\tmp
   • <PAM_Home>\server\c2o\work
4. Create a backup directory outside the CA Process Automation directory.

   For example, PAM-Seam-Backup

5. Move the following folders from <PAM_Home>\server\c2o\deployers to the backup location:
   • seam.deployer
   • webbeans.deployer
6. Move the following folder from <PAM_Home>\server\c2o\deploy to the backup location:
   • admin-console.war
7. Restart the CA Process Automation service.

   Note: When you want to access the Admin Console temporarily, stop the CA Process Automation service, revert the changes in step 6, and then restart the CA Process Automation service. Repeat step 6 when the Admin Console is no longer needed.