JRE found in install_config_jre folder is vulnerable to the following CVEs:

• CVE-2018-3180
• CVE-2023-22081
• CVE-2019-2602
• CVE-2019-2684

Location of JRE:

/<install_dir>/CA/siteminder/install_config_info/install_config_jre/lib/jrt-fs.jar

/<install_dir>/secure-proxy/install_config_info/jre/lib/jrt-fs.jar

Release: 12.8.xx.xx and 12.9 (Applicable to all the supported releases)

The reported JRE is runtime JRE. It is used only during the installation/uninstallation.

This can be compressed/zipped and archived. And its removal will not impact any functionality of Siteminder.