Our RISC team has found a vulnerability in /opt/CA/WorkloadAutomationAE/jre/lib/rt.jar.

The vulnerability is CVE-2020-14792.

$ ./autoflags -a
0028 LINUX ANY 12.0 01.00 940ad0c5 <masked> <masked>

Release : 12.0

Having a base score of 4.2, CVE-2020-14792 is a medium risk vulnerability affecting Oracle Java SE (Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261), which according to NIST, is difficult to exploit. 

Solution: Update the JRE to the latest 1.8 build to address the JRE vulnerability in question.
AutoSys does not currently support any version of JRE higher than JRE 8.

Please reference the JRE Update section of the documentation which provides details for updating the JRE for your product.