Reported vulnerability xp

search cancel

Reported vulnerability xp_cmdshell

book

Article ID: 266867

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager

Issue/Introduction

The security team raised several vulnerabilities for us due to the configuration of the database, we want to know if setting xp_cmdshell to false does not generate any affectation.

According to the security team, it should be set to False. Is this OK?

Environment

Release : 17.3

Resolution

In ServiceDesk manager product we dont use/enable xp_cmdshell for any of the SQL queries.

It is safe to disable this option and eliminate the vulnerability.

Feedback

thumb_up Yes

thumb_down No