Vulnerability - running daemon is not managed by RPM

Article ID: 211601

Products

DX Infrastructure Management

Issue/Introduction

We have upgraded servers from RHEL 6 to version 7.9 and ran a security scan, but we are getting the following vulnerability.

The following running daemon is not managed by RPM :

/opt/nimsoft/probes/system/cdm/cdm

Environment

Release : 20.3

Component : UIM - SECURITY VULNERABILITIES

Resolution

This is not actually a vulnerability in the normal sense; it is simply a warning that a program is running which was installed manually instead of through an RPM.

https://www.tenable.com/plugins/nessus/33851

This is expected behavior for UIM. The package system (RPM) installs only the agent/robot. The cdm probe is installed by the user and runs as a child process of the robot/agent. It is not possible to install the cdm probe (or any probe) using an RPM, because probes are installed through the product itself (e.g. Infrastructure Manager or Admin Console).

This does not represent a vulnerability or something that can be exploited; rather, it is perfectly normal UIM behavior and should be ignored. The finding is provided only as a warning to system administrators to help them adhere to best practices. Again, this is simply how UIM works, and there is nothing that can (or needs to) be done about it.
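
To confirm by hand what the scanner reported, the following added example (not part of the original article, of UIM, or of the Nessus plugin) prints whether the executable of a flagged process, and that of its parent, is owned by an RPM package. The function names and the `PROC_ROOT` variable are assumptions of this example.

```shell
# Added example: triage helper for a "running daemon is not managed by RPM"
# finding on an RPM-based host. PROC_ROOT is an assumption of this example,
# added so the functions can be pointed at a constructed test tree.
PROC_ROOT=${PROC_ROOT:-/proc}

# rpm_owner PATH: print the owning package name, or "unmanaged" when
# rpm -qf reports that no package owns the file (non-zero exit status).
rpm_owner() {
    if owner_out=$(rpm -qf --queryformat '%{NAME}\n' "$1" 2>/dev/null); then
        printf '%s\n' "$owner_out" | head -n 1
    else
        echo "unmanaged"
    fi
}

# parent_pid PID: print the parent PID from the PPid: line of the status file.
parent_pid() {
    awk '/^PPid:/ { print $2 }' "$PROC_ROOT/$1/status"
}

# describe_pid PID: print "PID EXECUTABLE OWNER" for one process.
describe_pid() {
    desc_exe=$(readlink -f "$PROC_ROOT/$1/exe" 2>/dev/null) || desc_exe=""
    if [ -z "$desc_exe" ]; then
        echo "$1 unreadable unknown"
        return 1
    fi
    echo "$1 $desc_exe $(rpm_owner "$desc_exe")"
}

# triage PID: report the flagged process, then its parent, so the record shows
# whether an unmanaged binary was started by a package-managed service.
triage() {
    describe_pid "$1" || return 1
    triage_ppid=$(parent_pid "$1")
    if [ "${triage_ppid:-0}" -gt 0 ]; then
        describe_pid "$triage_ppid"
    fi
}

# Run only when a PID is passed on the command line: sh triage.sh <PID>
if [ "$#" -gt 0 ]; then
    triage "$1"
fi
```

Reading another user's `/proc/<PID>/exe` link requires root, so run the script with sufficient privileges on the scanned host.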