CA APM 10.7.0.197 service pack 3 has Oracle Java version 1.8.0_2 1 1 high security vulnerability
book
Article ID: 132318
calendar_today
Updated On:
Products
CA Application Performance Management Agent (APM / Wily / Introscope)INTROSCOPE
Issue/Introduction
CA APM 10.7.0.197 service pack 3 has Oracle Java version 1.8.0_2 1 1 high security vulnerability
Environment
DX APM 10.7 SP3 Oracle JDK 1.8.2._211
Cause
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the host is prior to 7 Update 221, 8 Update 211, 11 Update 3, or 12 Update 1. Consequently, it is affected by multiple vulnerabilities related to the following components :
- 2D - Libraries - RMI - Windows DLL
Resolution
User can change the JRE location in lax files:-
Introscope_Enterprise_Manager.lax and Introscope_WebView.lax.
Customers can install vulnerability mitigated JRE and point the path to the below property.