search cancel

Safely remove default Apache apps from CA Mediation Manager

book

Article ID: 254710

calendar_today

Updated On:

Products

DX NetOps CA Mediation Manager CA Performance Management - Usage and Administration

Issue/Introduction

Security team reported possible vulnerabilities from a DX NetOps CA Mediation Manager (CAMM) 21.2.12 installation. It reported the following.

ISBL-10007-20.024 Vendor Default Applications Removed
Do NOT deploy or use the default applications provided by the vendor. These apps are:
docs
examples
host-manager
manager
ROOT
NOTE: You can have applications with these names but the must NOT be the ones that comes from Apache.

Can these be safely removed to resolve the concern called out?

Environment

All supported DX NetOps CA Mediation Manager (CAMM) releases

Cause

Internal security audit triggered against tools that are installed with Apache but not used by CAMM.

Resolution

These are safe to remove using the following steps.

  1. Stop CAMM using the script $CAMM_HOME/tools/stopall
  2. Make a backup copy of the directory $CAMM_HOME/WEBCAMM/webapps/
  3. Delete the content under the directory $CAMM_HOME/WEBCAMM/webapps/
    • DO NOT delete the webapps directory itself.
  4. Start CAMM using the script $CAMM_HOME/tools/startall
  5. Login to the CAMM web UI using the URL:
    • http://MM_IP:8880/tim-web/index.htm

NOTES:

  • After making these changes, the CAMM web UI will no longer be accessible using the URL:
    • http://MM_IP:8880
  • After making these changes the CAMM web UI will ONLY be accessible using the URL in 5 above.
    • http://MM_IP:8880/tim-web/index.htm
  • Upgrades of CAMM will revert these changes. These changes will need to be repeated after each upgrade.