The version of Java that is shipped with the Agent is showing up in a vulnerability scan.

It vulnerability scan shows that it has been fixed in the following versions:

Fixed version:    1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2

If one of the above versions is already installed on the same machine, can the Agent java point to it instead?

Workload Automation System Agents

Release : All versions

Vulnerability with current version of Java is showing up in a vulnerability scan

Yes, the Agent Java can point to another Java directory that is installed on the same machine. 

Here are the steps:

1) Locate the directory of the Java that needs to be pointed to (Example: /usr/lib/java1.8.0_261)

2) Make a backup of the current wla_jre directory

3) Point jre to the new Java directory

Example:

Unix -

cd /opt/CA/SystemAgent/WA_AGENT/jre

ln -s /usr/lib/java1.8.0_261 jre

4) Restart the Agent

5) Confirm the Agent is running as designed

6) Remove the wla_jre directory