ASM OPMS - Vulnerability identified for EXIM. Our vulnerability team identified a vulnerability with EXIM4 (Exim: Failure to reset function pointer after BDAT error (CVE-2020-28019). Exim 4 before 4.94.2 has Improper Initialization that can lead to recursion-based stack consumption or other consequences. This occurs because use of certain getc functions is mishandled when a client uses BDAT instead of DATA.
Can you let us know if there is a plan to upgrade EXIM for OPMS ?
Release : SAAS
Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)
Please remove the entire exim package. It is no longer needed. It will be removed completely in a new OPMS release.
Remove command will be something like:
sudo yum remove exim4
rpm -e exim