We are having issue with one of the vulnerabilities regarding CAM Agent software casrvc.
"casrvc, a shared component for CA products, allows a user to specify a file to restore services from. If a file that the user cannot access is specified (for example, /etc/shadow), one line from the file is shown to the user in an error."
Release : 14.3
The vulnerability is no longer relevant from an Identity Manager perspective as the older connectors are no longer supported.
From version 14.0, the UNIX V1 connector is not supported. If you are upgrading from any previous version to r 14, UNIX - ETC and UNIX - NIS endpoint types are still visible in
drop down list but do not function. If you want to use UNIX connector, migrate the UNIX V1 connector to UNIX V2 connector.
If you want to use UNIX connector, migrate the UNIX V1 connector to UNIX V2 connector.