Vulnerability Scanner Triggering on Files /DTS/Extensions/Common/Jars/
Article ID: 404527
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Vulnerability scanner is flagging the following files:
- hadoop-common-2.6.0.2.2.0.0-2041.jar
- hive-exec-2.1.0.jar
- snappy-java-1.1.1.6.jar
In the following directories:
- C:/Program Files/Microsoft SQL Server/150/DTS/Extensions/Common/Jars/
- C:/Program Files (x86)/Microsoft SQL Server/150/DTS/Extensions/Common/Jars/
For the following CVEs:
- CVE-2016-6811
- CVE-2015-5237
- CVE-2022-3509
- CVE-2021-37404
- CVE-2023-43642
- CVE-2023-39410
- CVE-2023-2976
- CVE-2023-34455
- CVE-2022-3171
- CVE-2018-11777
- CVE-2017-7669
- CVE-2022-26612
- CVE-2020-9492
- CVE-2024-7254
- CVE-2016-3086
- CVE-2022-3510
- CVE-2024-47561
- CVE-2016-5393
- CVE-2022-25168
Environment
- App Control Server: All Supported Versions
- Microsoft SQL Server: All Supported Versions
Resolution
- These files are Java libraries related to Microsoft SQL Server Integration Services (SSIS) and PolyBase and are used for Hadoop or Hive data integrations.
- These files are not used by the Carbon Black App Control Server
- App Control communicates with SQL Server using standard T-SQL (ADO.NET) queries and does not require Hadoop or Hive integration libraries.
- There is no impact to App Control if these files are deleted or remediated.
- The DBA for the environment should confirm if the SQL Server has other features involving Hadoop/Hive integrations (e.g., PolyBase or SSIS for big data).
Feedback
Yes
No
Powered by
