Removing of items in $NXROOT/Replaced and $NXROOT/Temp directory
search cancel

Removing of items in $NXROOT/Replaced and $NXROOT/Temp directory

book

Article ID: 238997

calendar_today

Updated On:

Products

CA Service Desk Manager CA Service Management - Service Desk Manager

Issue/Introduction

After a security scan, we found these files show up in log4j vulnerabilities

D:\Program Files (x86)\CA\Service Desk Manager\REPLACED\HYD-368_CUM_C.OLD\java\lib\log4j-core-2.3.jar
D:\Program Files (x86)\CA\Service Desk Manager\REPLACED\HYD-605_CUM_C.OLD\java\lib\log4j-core-2.12.0.jar
D:\Program Files (x86)\CA\Service Desk Manager\REPLACED\HYD-617_CUM_C.OLD\bopcfg\www\CATALINA_BASE\webapps\AMS\WEB-INF\lib\log4j-core-2.10.0.jar
D:\Program Files (x86)\CA\Service Desk Manager\REPLACED\HYD-617_CUM_C.OLD\java\lib\log4j-core-2.12.0.jar
D:\Program Files (x86)\CA\Service Desk Manager\temp\hyd-368_cum_C\log4j-core-2.12.0.jar
D:\Program Files (x86)\CA\Service Desk Manager\temp\hyd-605_cum_C\log4j-core-2.12.0.jar

can we delete them?

Environment

Release : 17.3

Component : SDM - Install/Upgrade/Configuration

Resolution

Files under REPLACED folder are for un-installation purpose so instead of deleting them, we recommend move them to a portable disk like a USB...in case you need to un-install you can drop them back from portable disk.

For files in SDM temp folder, they are left over from installation and you can delete them.

Additional Information

If any of the files from the security scan are found outside of the <NXROOT>\Temp or <NXROOT>\REPLACED folders, compare with a clean installation of the new version of SDM.  If those files are not found in a clean installation, they are left-overs from the previous version and can safely be deleted.