TDM 4.8+ Java Upgrade
search cancel

TDM 4.8+ Java Upgrade


Article ID: 204186


Updated On:


CA Test Data Manager (Data Finder / Grid Tools)



We are seeing the following Java vulnerability reported on our Datamaker servers. We show the following components:

  • FDM 4.8.162
  • GT Datamaker 4.7.40

However, one of the servers shows to have AdoptOpenJDK 1.8.0_212 installed, so that system could be running TDM 4.8+. Would upgrading to TDM 4.9.1 resolve the reported vulnerability?


CVE Numbers: CVE-2019-2894,CVE-2019-2933,CVE-2019-2945,CVE-2019-2949,CVE-2019-2958,CVE-2019-2962,CVE-2019-2964,CVE-2019-2973,CVE-2019-2975,CVE-2019-2977,CVE-2019-2978,CVE-2019-2981,CVE-2019-2983,CVE-2019-2987,CVE-2019-2988,CVE-2019-2989,CVE-2019-2992,CVE-2019-2996,CVE-2019-2999,CVE-2019-11068

Description: The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 241, 8 Update 231, 11 Update 5, or 13 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components :

    • 2DLibraries
    • Kerberos
    • Networking
    • JavaFX
    • Hotspot
    • Scripting
    • Javadoc
    • Deployment
    • Concurrency
    • JAXP
    • Serialization
    • Security

Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Solution: Upgrade to Oracle JDK / JRE 13 Update 1, 11 Update 5, 8 Update 231 / 7 Update 241 or later. If necessary, remove any affected versions.


Release: 4.9.1

Component: CA Test Data Manager


Currently, TDM 4.9.1 also installs the same AdoptOpenJDK release. Therefore, Product Development has agreed to convert this to an Enhancement Request (US715972), which will be delivered in an undetermined future release of TDM.