Old version of java on the Data Repository

Article ID: 112324

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

We found a vulnerability on the Data Repository servers. It's found in the /opt/CA/IMDataRepository_vertica*/jre/bin/java directory.

Currently our CA PM instance is running on version 22.2.1. In the vulnerability scan report we noticed multiple vulnerabilities related to OpenJDK in the Data Repository cluster targeting directory IMDataRepository_vertica9. I would like to know: is it safe to remove/delete the directory or not? Do we have any impact if we remove/delete the directory?

Sample for your reference:

Vulnerability Name :  OpenJDK 7 <= 7u361 / 8 <= 8u352 / 11.0.0 <= 11.0.17 / 13.0.0 <= 13.0.13 / 15.0.0 <= 15.0.9 / 17.0.0 <= 17.0.5 / 19.0.0 <= 19.0.1 Multiple Vulnerabilities (2023-01-17
CWE ID : CVE-2023-21830, CVE-2023-21835, CVE-2023-21843
Path : /opt/CA/IMDataRepository_vertica9/
Installed version : 1.8.0_282
 Fixed version     : Upgrade to a version greater than 8u352

DX NetOps Performance Management Data Repository Vertica database

Environment

All supported DX NetOps Performance Management Data Repository Vertica database releases

Cause

The JRE shipped with the Vertica install bundle is used only for the install or a subsequent uninstall.

Resolution

You may delete the directory under /opt/CA/IMDataRepository_vertica* after the install is completed.

It is recommended to always keep the current version directory for the release in use. There are scripts and files that are used with the tool stored in that location. Removing it would prevent use of those items.

For example, suppose you used to run Vertica release 9.x but upgraded NetOps to a release using Vertica release 10.x. You now have two directories:

  • /opt/CA/IMDataRepository_vertica9
  • /opt/CA/IMDataRepository_vertica10

It is safe to delete the *vertica9 directory. All files or scripts needed with the current install would come from the *vertica10 directory.
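
The cleanup described above as a read-only check, added here as an example (not the vendor's or the product's own script): it lists the IMDataRepository_vertica* directories that do not belong to the Vertica major release in use, with the bundled JRE version where it can be read. The function name stale_dr_dirs, its arguments, and the jre/release file with a JAVA_VERSION line are assumptions.

```shell
#!/bin/sh
# Added example, not vendor code. It only lists candidates; it never deletes.
# Assumptions: directories are named IMDataRepository_vertica<major> as in the
# article, the caller supplies the major release in use, and the bundled JRE
# has a jre/release file with a JAVA_VERSION line (read only if present).

# stale_dr_dirs BASE CURRENT_MAJOR
# Prints one line per removal candidate: "<path> <bundled java version|unknown>"
# Returns 2 on a non-numeric major, 1 if the current-release directory is
# missing (nothing is listed then, so a typo cannot flag every directory).
stale_dr_dirs() {
    base=$1
    current=$2
    case $current in
        ''|*[!0-9]*) echo "current major must be numeric" >&2; return 2 ;;
    esac
    keep="$base/IMDataRepository_vertica$current"
    if [ ! -d "$keep" ]; then
        echo "refusing: $keep not found" >&2
        return 1
    fi
    for dir in "$base"/IMDataRepository_vertica*; do
        # Skip an unmatched glob, plain files, and the directory to keep.
        if [ ! -d "$dir" ] || [ "$dir" = "$keep" ]; then
            continue
        fi
        ver=unknown
        if [ -r "$dir/jre/release" ]; then
            ver=$(sed -n 's/^JAVA_VERSION="\(.*\)"$/\1/p' "$dir/jre/release")
            if [ -z "$ver" ]; then ver=unknown; fi
        fi
        printf '%s %s\n' "$dir" "$ver"
    done
}

# Stand-alone use on a Data Repository node running Vertica 10.x:
#   stale_dr_dirs /opt/CA 10
```

Review the listed paths against the release actually in use before removing anything, then re-run the vulnerability scan to confirm the finding clears.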