ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Java Security Vulnerability found for DX NetOps Performance Management


Article ID: 212761


Updated On:


CA Performance Management - Usage and Administration DX NetOps


Security scan found vulnerabilities in the OpenJDK Java version DX NetOps Performance Management is using, Java 1.8.0_222.

The Vulnerability is fixed in the following Java versions:

  • 1.7.0_241
  • 1.8.0_231
  • 1.11.0_5
  • 1.13.0_1

How can this be resolved, and what other DX NetOps Performance Management releases are impacted?


Java Vulnerability in the DX NetOps Performance Management releases r20.2.1 through r20.2.7 which use OpenJDK Java version 1.8.0_222.

This version of Java is used by all DX NetOps Performance Management server components including:

  • Data Repository
  • Data Aggregator
  • Data Collector
  • Performance Center

Fault Tolerant Data Aggregator Consul Proxy hosts are not affected.


DX NetOps Performance Management releases r20.2.1 through r20.2.7


Upgrade to the latest versions of DX NetOps Performance Management.

The OpenJDK Java version was first updated to in the r20.2.8 release.

The current r20.2.9 release uses OpenJDK Java version