Audit Observation - OpenJDK 8 <= 8u472 / 11.0.0 <= 11.0.29 / 17.0.0 <= 17.0.17 / 21.0.0 <= 21.0.9 / 25.0.0 <= 25.0.1 Multiple Vulnerabilities (2026-01-20)
search cancel

Audit Observation - OpenJDK 8 <= 8u472 / 11.0.0 <= 11.0.29 / 17.0.0 <= 17.0.17 / 21.0.0 <= 21.0.9 / 25.0.0 <= 25.0.1 Multiple Vulnerabilities (2026-01-20)

book

Article ID: 441895

calendar_today

Updated On:

Products

Network Observability CA Performance Management

Issue/Introduction

Security scans on the DX NetOps Data Repository (Vertica) host report multiple OpenJDK vulnerabilities associated with legacy installation directories.

/opt/CA/IMDataRepository_vertica10

/opt/CA/IMDataRepository_vertica9

CVE-2026-21925

CVE-2026-21932

CVE-2026-21933

CVE-2026-21945

 

Environment

- **Product:** DX NetOps (Performance Management)

- **Version:** 24.3.4

- **Component:** Data Repository (Vertica)

 

Cause

These directories are legacy installation artifacts from previous versions of the Data Repository.

DX NetOps 24.3.4 does not utilize these paths for active operations; however, because the binaries remain on the filesystem, security scanners flag them as active risks.

Resolution

To remediate these vulnerabilities, delete the legacy directories. These folders are not required for the current version of DX NetOps.

 

This command cannot be undone. Verify every parameter before running.

```bash

sudo rm -rf /opt/CA/IMDataRepository_vertica9

sudo rm -rf /opt/CA/IMDataRepository_vertica10

```

 

**Note:** Ensure you do not accidentally delete the active runtime directory (e.g., `/opt/vertica`). Always verify your current active paths before execution.

Powered by Wolken Software