Looks like some vulnerabilities have been identified on a couple of servers where we have the Autosys client installed.

Is it safe to delete these  jar files? Are these used only at the time of installation OR is it required for the client functionality. Please advise.

c:\program files\ca\workloadautomationae\autosys\install\jars\tomcat-juli.jar\

c:\program files\ca\workloadautomationae\autosys\install\jars\commons-text-1.9.jar

AutoSys: All supported releases

As you can see in the path, both of these jars are located within the install directory.

• c:\program files\ca\workloadautomationae\autosys\install\jars\tomcat-juli.jar
• c:\program files\ca\workloadautomationae\autosys\install\jars\commons-text-1.9.jar

Which means, they are only referenced during an install, upgrade, or when applying a patch. They are not referenced for normal product operations.

Therefore, if you wish to remove them you can do so.

However, you must keep a backup of the files as they will need to be restored whenever you perform AutoSys upgrade/patching.