Service execution privileges on CA Spectrum 21.2 SRAdmin

book

Article ID: 225825

calendar_today

Updated On:

Products

CA Spectrum DX NetOps

Issue/Introduction

After running a vulnerability scan on Spectrum SRAdmin under Microsoft Windows Server, it was found that group permission (Administrators) is set to modify or write service executables:

Is there any reason why the group has full control permissions to any directory that contains service executables?

Environment

Release : 21.2

Component : Spectrum Core / SpectroSERVER

Resolution

Restricting permission to read/write/modify only to the installed user and administrator user to start, stop, modify the SRAdmin service but not other users and groups requires Windows Administrator setup changes. The following articles can assist with this:

Microsoft TechDocs : How to grant users rights to manage services

Attachments