Change Download Preference

Current Preference
Change Preference to:

CA20090615-02: Security Notice for CA Service Desk

Issued: June 15, 2009
Last Updated: June 15, 2009

CA's technical support is alerting customers to a security risk with CA Service Desk r11.2. The release of Tomcat as included with CA Service Desk r11.2 is potentially susceptible to a cross-site scripting vulnerability.  CA has issued a technical document that describes remediation procedures.

Risk Rating



Windows, Unix

 Affected Products

CA Service Desk r11.2

 How to determine if the installation is affected

Customers can use the instructions in technical document TEC489643 to determine if an installation may be affected.


Follow the instructions in technical document TEC489643.



 Change History

Version 1.0: Initial Release

If additional information is required,  please contact CA Support at

If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team.