We are getting CVE alerts on the $AUTOUSER/install directory. Can the $AUTOSYS/install directory be removed?

Article ID: 278647


Products

Autosys Workload Automation

Issue/Introduction

The $AUTOSYS/install directory appears to contain old copies of files that have alerted us on our security monitoring tools.
Is there any actual use for the $AUTOSYS/install directory either with the functioning of the system or with upgrades?
If the entire folder is emptied or removed, would that cause any issues?

Environment

Autosys R12.x
WCC 12.x

Cause

The installer can leave old files in this directory. The application does not use them during normal operations, but security scanners will still flag them.
Patches such as 99111682 are one source, since the patch creates a "rollback" folder for everything it does.
Example:
 JARS_bak_date

Resolution

The $AUTOSYS/install directory is used by the uninstall and installer files, so the entire directory cannot be deleted.
Once a patch is installed and validated, the JARS_bak_date folder can be removed to fully resolve the CVE that the patch addresses.

NOTE:
A rollback of the patch will not be possible without the directory.
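
The following read-only shell helper is an added example, not part of the vendor article or the product. It sorts scanner-flagged jar files under $AUTOSYS/install into those inside a rollback folder and those elsewhere in the directory. It assumes rollback folders are named JARS_bak_<date>, following the example above; the function names and the default commons-text-*.jar pattern are illustrative.

```shell
#!/usr/bin/env bash
# Added example (not vendor code). Assumption: rollback folders are named
# JARS_bak_<date> somewhere under $AUTOSYS/install, as in the article's example.
# Nothing is deleted; the output is a report to review after patch validation.

# classify_flagged_jars INSTALL_DIR JAR_GLOB
# Prints one line per matching jar file:
#   ROLLBACK <path>  inside a JARS_bak_* folder (removable once the patch is validated)
#   KEEP <path>      elsewhere under install (used by the installer/uninstaller)
classify_flagged_jars() {
    install_dir="${1%/}"
    jar_glob="$2"
    [ -d "$install_dir" ] || { echo "not a directory: $install_dir" >&2; return 2; }
    find "$install_dir" -type f -name "$jar_glob" -print | sort |
    while IFS= read -r path; do
        # Match on the path relative to install, so parent directories
        # above $AUTOSYS/install cannot influence the classification.
        case "${path#"$install_dir"/}" in
            JARS_bak_*/*|*/JARS_bak_*/*) printf 'ROLLBACK %s\n' "$path" ;;
            *)                           printf 'KEEP %s\n' "$path" ;;
        esac
    done
}

# list_rollback_dirs INSTALL_DIR
# Prints each JARS_bak_* folder without descending into it.
list_rollback_dirs() {
    find "${1%/}" -type d -name 'JARS_bak_*' -prune -print | sort
}

# Report mode: runs only when AUTOSYS is set and the install directory exists.
if [ -n "${AUTOSYS:-}" ] && [ -d "$AUTOSYS/install" ]; then
    echo "Rollback folders:"
    list_rollback_dirs "$AUTOSYS/install"
    echo "Flagged jar files:"
    classify_flagged_jars "$AUTOSYS/install" "${1:-commons-text-*.jar}"
fi
```

Paths reported as KEEP sit outside any rollback folder, so removing a JARS_bak_<date> folder will not clear those alerts.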

Additional Information

Below are some published KB articles that may answer your questions.
Autosys R12 - Regarding the usage of "*/install/JARS/*" files
CVE-2022-42889 and Autosys Workload Automation
CVE-2022-42889 and Autosys Workload Automation - commons-text-1.8.jar and commons-text-1.9.jar