search cancel

CA Workload Automation Agent Java Vulnerabilities


Article ID: 197776


Updated On:


Workload Automation Agent


Running a vulnerability scan and found CA WA Agent 11.5 in vulnerability report.

Are these valid or false alarms? 




Release : 11.5

Component : CA Workload Automation System Agent


Every java release has some form of vulnerability. There is no such thing as a non-vulnerable release of the agent. New vulnerabilities are discovered pretty much on a daily basis.

The customer can upgrade Java as Broadcom no longer ships Oracle java due to licensing. Due to Oracle licensing, customers will need to either purchase updated JRE from Oracle or use the Adopt OpenJDK JRE. Customers must stay within the 1.8 release of Java.

This is not a defect.