Safely remove default Apache apps from CA Mediation Manager
Article ID: 254710
Updated On:
Products
DX NetOps
CA Mediation Manager
CA Performance Management - Usage and Administration
Issue/Introduction
Security team reported possible vulnerabilities from a DX NetOps CA Mediation Manager (CAMM) 21.2.12 installation. It reported the following.
| ISBL-10007-20.024 Vendor Default Applications Removed |
| Do NOT deploy or use the default applications provided by the vendor. These apps are: |
| docs |
| examples |
| host-manager |
| manager |
| ROOT |
| NOTE: You can have applications with these names but the must NOT be the ones that comes from Apache. |
Can these be safely removed to resolve the concern called out?
Environment
All supported DX NetOps CA Mediation Manager (CAMM) releases
Cause
Internal security audit triggered against tools that are installed with Apache but not used by CAMM.
Resolution
These are safe to remove using the following steps.
- Stop CAMM using the script $CAMM_HOME/tools/stopall
- Make a backup copy of the directory $CAMM_HOME/WEBCAMM/webapps/
- Delete the content under the directory $CAMM_HOME/WEBCAMM/webapps/
- DO NOT delete the webapps directory itself.
- Start CAMM using the script $CAMM_HOME/tools/startall
- Login to the CAMM web UI using the URL:
- http://MM_IP:8880/tim-web/index.htm
NOTES:
- After making these changes, the CAMM web UI will no longer be accessible using the URL:
- http://MM_IP:8880
- After making these changes the CAMM web UI will ONLY be accessible using the URL in 5 above.
- http://MM_IP:8880/tim-web/index.htm
- Upgrades of CAMM will revert these changes. These changes will need to be repeated after each upgrade.
Feedback
Yes
No
Powered by
