Java 1.7.0.XX out of date on our CSPM servers

book

Article ID: 220508

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

We have a vulnerability tool that runs on our PAM teams servers each week.  We now have 60 entries for Java 1.7.0_XX for a self-contained Java instance within the /opt/cloakware/cspm* filepath that we need updated.  The solution our vulnerability tool (SVM) suggests is to perform the following:

Upgrade to Oracle JDK / JRE 12 Update 1 , 11 Update 3, 8 Update 211 / 7 Update 221 or later. If necessary, remove any affected versions.  We could use assistance in getting this done.

Environment

Release : 3.4

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

Please update your A2A client.  Please see the documentation steps on this topic. 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/3-4-3/upgrading/upgrade-a-credential-manager-a2a-client.html

The documentation provides both the uninstall and installation directions to upgrade your A2A client.  Once completed please confirm you no longer see the vulnerability.