We need to delete these below files on our OC server due to a security vulnerability detected.
apache log4j 2.7.0.0 (["c:\\program files (x86)\\nimsoft\\probes\\service\\wasp\\webapps\\rest\\web-inf\\lib\\log4j-core-2.7.jar","c:\\program files (x86)\\nimsoft\\probes\\service\\wasp\\webapps\\uimapi.war","c:\\program files (x86)\\nimsoft\\probes\\service\\wasp\\webapps\\uimapi\\web-inf\\lib\\log4j-core-2.7.jar","c:\\program files (x86)\\nimsoft\\probes\\service\\wasp\\webapps\\webservices_rest.war"])
Request you to please confirm if these can be deleted without having any impact on the tool?
From 20.3.3, you must first upgrade to 20.4, then to 20.4 CU5.
The best option for upgrading is to take advantage of our weekend upgrade program. To register for the next available weekend upgrade, please click this url: https://enterprise-software.broadcom.com/weekend-upgrade-program
As per Broadcom Development/Engineering, the log4j-core-2.7.1 jar files should not be deleted as this will cause logging and other failures. Deleting files will cause issues in the DX UIM application and the process is not certified.