Handling the Open Redirect Vulnerability Issue in "LINK WITH BOPSID URL" Parameter

Invalid URL redirects and forwards happen when a web application accepts input URL requests from untrusted sources. Such untrusted URL input can be used to send users to a malicious site and launch a phishing attack. The pdmweb.exe "LINK_WITH_BOPSID+URL" parameter is the key CA SDM component in this vulnerability: the given variable can be exploited to supply an untrusted and unauthorised URL input.
Use the CA SDM NX variable (installed as the VALID_EXT_URLS option in the command below) to avoid this issue. This variable can be set to a semicolon-separated list of valid URLs so that the URL parameter is validated against a whitelist. If a URL is found to be invalid, the redirect request is blocked. This option can be installed by running the following command on a CA SDM Primary server machine:
pdm_options_mgr -c -s VALID_EXT_URLS -v URL1; URL2; URL3 -a pdm_option.inst
To avoid losing the changes made by the above command, run it with the '-t' option. For example:
pdm_options_mgr -c -s VALID_EXT_URLS -v http://www.domain1.com; http://www.domain2.com; http://www.domain3.com -a pdm_option.inst -t
After making the above changes, restart the CA SDM Services.
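
The whitelist check described above, as an added example that is not CA SDM code. It assumes a target is valid only when its scheme, host and port exactly match a listed URL (the page does not say how CA SDM compares URLs); the function names are hypothetical and the URLs are the placeholder domains from the command above plus constructed test inputs.

```python
from urllib.parse import urlsplit

_DEFAULT_PORTS = {"http": 80, "https": 443}

def _origin(url):
    """Return (scheme, host, port) for an absolute http(s) URL, else None."""
    # Backslashes and control characters are normalised by browsers in ways
    # urlsplit does not model, so such input is rejected outright.
    if url != url.strip() or any(c in url for c in "\\\r\n\t"):
        return None
    try:
        parts = urlsplit(url)
        port = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in _DEFAULT_PORTS or not parts.hostname:
        return None                # relative, scheme-less or non-web URL
    if port is None:
        port = _DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower(), port)

def parse_allowlist(value):
    """Parse a semicolon-separated list of URLs (VALID_EXT_URLS format)."""
    origins = {_origin(item.strip()) for item in value.split(";") if item.strip()}
    origins.discard(None)          # ignore entries that are not valid URLs
    return origins

def is_allowed_redirect(target, allowlist):
    """Allow the redirect only on an exact scheme/host/port match.

    Comparing parsed components instead of string prefixes means a target
    that merely starts with a listed URL (a longer host name, or the listed
    host placed in the userinfo part) does not pass.
    """
    origin = _origin(target)
    return origin is not None and origin in allowlist

# Constructed sample: the value from the example command above.
ALLOWLIST = parse_allowlist(
    "http://www.domain1.com; http://www.domain2.com; http://www.domain3.com"
)

if __name__ == "__main__":
    for url in ("http://www.domain1.com/help?id=1",
                "http://www.domain1.com.evil.example/",
                "//www.domain1.com/"):
        print(url, "->", "allow" if is_allowed_redirect(url, ALLOWLIST) else "block")
```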