The version of Java that is shipped with the Agent is showing up in a vulnerability scan.

It vulnerability scan shows that it has been fixed in the following versions:

Fixed version:    1.7.0_271 / 1.8.0_261 / 1.11.0_8 / 1.14.0_2

If one of the above versions is already installed on the same machine, can the Agent java point to it instead?

Vulnerability with current version of Java is showing up in a vulnerability scan

Workload Automation System Agents

Release : All versions

Yes, the Agent Java can point to another Java directory that is installed on the same machine. 

Here are the steps:

1) Locate the directory of the Java that needs to be pointed to (Example: /usr/lib/java1.8.0_261)

2) Make a backup of the current wla_jre directory

3) Point jre to the new Java directory

Example:

Unix -

cd /opt/CA/SystemAgent/WA_AGENT/jre

ln -s /usr/lib/java1.8.0_261 jre

4) Restart the Agent

5) Confirm the Agent is running as designed

6) Remove the wla_jre directory