

Disabling of JBoss Seam Framework after an Upgrade

CA Technologies Support has notified customers about a high-risk remote code vulnerability affecting certain releases of CA Process Automation, including Service Pack 04.0.01 (4.0 SP01) and Release 04.1.00 (4.1). The vulnerability occurs in the bundled JBoss Seam component and is known as CVE-2010-1871. CA Technologies recommends that you disable the JBoss Seam component to resolve the vulnerability when upgrading from the following CA Process Automation releases:

Important! New installations of CA Process Automation 4.1 SP01 and 4.2 have Seam disabled by default. In this case, the following manual remediation is not required. However, if you did not perform these steps during the 4.1 SP01 upgrade, you should do so now.

Follow these steps:

  1. Stop the CA Process Automation service.
  2. Delete the contents of the following directories:
    install_dir\server\c2o\.tmp 
    install_dir\server\c2o\temp 
    install_dir\server\c2o\tmp 
    install_dir\server\c2o\work 
    
  3. Create a backup directory outside of the CA Process Automation directory tree (for example, "PAM-Seam-Backup").
  4. Move the following folders from <PAM_Home>\server\c2o\deployers to the backup location:
    seam.deployer 
    webbeans.deployer 
    
  5. Move the following folder from <PAM_Home>\server\c2o\ to the backup location:
    admin-console.war 
    
  6. Start the CA Process Automation service.

Note: The preceding instructions disable the JBoss Admin Console.

  1. If the JBoss Admin Console is temporarily needed:
    1. Stop the CA Process Automation service.
    2. Move the admin-console.war folder from the backup location to install_dir\server\c2o\.
    3. Start the CA Process Automation service.
  2. When the Admin Console is no longer needed:
    1. Stop the CA Process Automation service.
    2. Move the admin-console.war folder from the backup location to install_dir\server\c2o\.
    3. Start the CA Process Automation service.
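
The six-step remediation above can be scripted as follows. This is an added example, not CA Technologies code. The service name and both paths are site-specific assumptions passed as parameters, because the page does not give them.

```powershell
# Added example, not vendor code. All three parameters are site-specific
# assumptions: the page does not give the service name or concrete paths.
param(
    [Parameter(Mandatory)] [string] $InstallDir,   # install_dir / <PAM_Home>
    [Parameter(Mandatory)] [string] $BackupDir,    # e.g. a "PAM-Seam-Backup" folder
    [Parameter(Mandatory)] [string] $ServiceName   # CA Process Automation service
)
$ErrorActionPreference = 'Stop'

$c2o = Join-Path $InstallDir 'server\c2o'
if (-not (Test-Path -LiteralPath $c2o -PathType Container)) { throw "Not found: $c2o" }

# Step 3 requires the backup directory to be outside the product tree.
$root   = [IO.Path]::GetFullPath($InstallDir).TrimEnd('\') + '\'
$backup = [IO.Path]::GetFullPath($BackupDir).TrimEnd('\') + '\'
if ($backup.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) {
    throw "Backup directory must be outside $InstallDir"
}
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

# Step 1: stop the service before touching the deployment.
Stop-Service -Name $ServiceName

# Step 2: delete the contents of the four working directories.
foreach ($name in '.tmp', 'temp', 'tmp', 'work') {
    $dir = Join-Path $c2o $name
    if (Test-Path -LiteralPath $dir) {
        Get-ChildItem -LiteralPath $dir -Force | Remove-Item -Recurse -Force
    }
}

# Steps 4 and 5: relocate the Seam deployers and the admin console.
# Copy then remove, so the backup may be on a different volume.
$targets = 'deployers\seam.deployer', 'deployers\webbeans.deployer', 'admin-console.war' |
    ForEach-Object { Join-Path $c2o $_ }
foreach ($src in $targets) {
    if (-not (Test-Path -LiteralPath $src)) { continue }   # already removed
    $dst = Join-Path $BackupDir (Split-Path $src -Leaf)
    if (Test-Path -LiteralPath $dst) { throw "Backup already contains $dst" }
    Copy-Item -LiteralPath $src -Destination $dst -Recurse -Force
    Remove-Item -LiteralPath $src -Recurse -Force
}

# Confirm nothing was left behind, then Step 6: start the service.
$left = @($targets | Where-Object { Test-Path -LiteralPath $_ })
if ($left.Count -gt 0) { throw "Still present: $($left -join ', ')" }
Start-Service -Name $ServiceName
```

The script stops with an error instead of restarting the service if any of the three folders is still present under `server\c2o`, so a failed move cannot leave the server running with Seam still deployed.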