Univiewer conosole jar files modification is possible
search cancel

Univiewer conosole jar files modification is possible


Article ID: 254525


Updated On:


CA Automic Dollar Universe


During a security Audit test, it was found that the jar files of the Univiewer Console could be modified and recompiled which would allow to change different text fields and display some menus.

It would be preferred that jar files are obfuscated to avoid such modifications.

The question that was asked is if the Security of the tool and different components could be compromised.


Release : 6.x ad 7.x

Component: Univiewer Console


The obfuscation of the jar files will be implemented in the future via the story PMDU-3033

Nevertheless, the Security checks are performed at the UVMS or Nodes Level so it does not matter if a menu/button can be displayed for a user not having permissions to do so, as the ulterior component will have the security on its own database and will refuse the request anyhow.