We have detected a vulnerability, CVE-2017-7657, in the Jetty client located in the ITPAM agent at:
/PAMAgent/.c2orepository/.c2oagentresources/lib/jetty/jars/jetty-client-6.1.26.jar.
Could you please advise us on how to remediate this vulnerability?
CA Process Automation Base 4.3.x and 4.4.x
From a deployment standpoint, agents are positioned behind the Orchestrators. No external interface is exposed through which HTTP requests can be sent to agents. Hence, the agent is not vulnerable to HTTP request smuggling with an invalid request header for HTTP/0.9, to HTTP request smuggling with invalid body content for HTTP/1.1, or to the boundary of an HTTP request being interpreted differently when it carries more than one Content-Length header. In other words, the ITPAM agent is not impacted by CVE-2017-7657.