Nessus Scan Result: MS08-070 Vulnerabilities

Article ID: 243091

Products

CA Identity Manager

Issue/Introduction

A recent security scan has identified our Provisioning Server servers and Identity Manager Servers in all environments as vulnerable to MS08-070: Vulnerabilities in Visual Basic 6.0 ActiveX Controls Could Allow Remote Code Execution (932349).  Given the fact that no other servers were flagged, it seems to be related to the Provisioning Manager software.  In reading the documentation, it is mentioned that Provisioning Manager will be removed from a future release.  Therefore, we have a couple of questions.  Does Provisioning Manager install the C++ redistributable files as part of its installation?  Will it function without them?  Finally, will the system work as intended if Provisioning Manager is uninstalled completely? 

This is a standalone deployment on Windows 2019 Servers with 14.3 CP3.

Cause

The vulnerability report refers specifically to msflxgrd.ocx.

c:\windows\syswow64\msflxgrd.ocx 

Resolution

The Provisioning Manager installation does install the msflxgrd.ocx file.

We removed the file and were able to successfully use Provisioning Manager, so you are free to try that as well, though we cannot guarantee every function in the app will work.

If needed, you can uninstall Provisioning Manager completely if it is something you don't use often. You might consider installing Provisioning Manager on a server or virtual machine that can be shut down and used only as needed for troubleshooting provisioning issues.
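
Since removing the file may break some Provisioning Manager functions, it helps to record what is on disk and keep a restorable copy first. The following PowerShell is an added example, not vendor code: it reports the version and hash of the file named in the scan finding, lists any COM classes registered against it, and saves a backup. The backup folder `C:\Temp\msflxgrd-backup` and the function names are assumptions made for this example.

```powershell
# Added example, not vendor code. $OcxPath is the path from the scan finding;
# $BackupDir is a hypothetical location chosen for this example.
$OcxPath   = 'C:\Windows\SysWOW64\msflxgrd.ocx'
$BackupDir = 'C:\Temp\msflxgrd-backup'

function Get-OcxInventory {
    # Returns presence, version and hash so the finding can be compared before and after.
    param([Parameter(Mandatory)][string]$Path)
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $Path; Present = $false }
    }
    $item = Get-Item -LiteralPath $Path
    [pscustomobject]@{
        Path         = $item.FullName
        Present      = $true
        FileVersion  = $item.VersionInfo.FileVersion
        LastWriteUtc = $item.LastWriteTimeUtc
        SHA256       = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

function Get-OcxComRegistration {
    # Lists COM classes whose in-process server is the flagged file (64- and 32-bit views).
    param([string]$FileName = 'msflxgrd.ocx')
    foreach ($root in 'HKLM:\SOFTWARE\Classes\CLSID', 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID') {
        foreach ($clsid in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
            $key = $null
            try { $key = $clsid.OpenSubKey('InprocServer32') } catch { }
            if (-not $key) { continue }
            $server = [string]$key.GetValue('')   # default value holds the server path
            $key.Close()
            if ($server -like "*$FileName") {
                [pscustomobject]@{ Clsid = $clsid.PSChildName; Server = $server; View = $root }
            }
        }
    }
}

$inventory = Get-OcxInventory -Path $OcxPath
$inventory | Format-List
if ($inventory.Present) {
    Get-OcxComRegistration | Format-Table -AutoSize
    # Keep a restorable copy and the recorded metadata before the file is removed.
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    Copy-Item -LiteralPath $OcxPath -Destination $BackupDir -Force
    $inventory | ConvertTo-Json | Set-Content -LiteralPath (Join-Path $BackupDir 'inventory.json')
}
```

Run it from an elevated PowerShell session on each flagged server; running it again after the file is removed should report `Present = False`.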