search cancel

Is there New PAM Agent .exe file available without log4J vulnerability in CA Process Automation

book

Article ID: 243508

calendar_today

Updated On:

Products

CA Process Automation Base

Issue/Introduction

I have got CP06 patch installed in our environment to remediate log4J vulnerability. However, I am wondering for new servers. Do we have new ITPAM agent executable files available in CA portal which doesn't have log4J vulnerability in them?

Environment

Release : 4.3.5

Component : ITPAM Agent

Resolution

The CP06 Agent installer is not available for download via the support portal. After CP06 is installed on the domain orchestrator, the agent installation executable can be found in the same location described in the product documentation for performing Silent Installs: Silent Agent Installation (install_dir/server/c2o/.c2orepository/media). 

 

The agent installer can be run using the Agent Installer executable file or using the JNLP as described here: Interactive Agent Installation

 

Additional Information

The CP05 and CP06 installers behave the same. All of the agent's files do not get laid down - only a portion. When the agent service is started it will connect to the the domain orchestrator to get the remaining files. An agent installed after CP06 is installed with only the Log4j 2.17.1 version (as long as you use the "installation.jnlp" or the AgentInstall executable from the media folder on the domain orchestrator).