Starting with Version Infoscale 7.4.1 there is a "TelemetryCollector" installed which have Java installed in it with vulnerabilities reported

book

Article ID: 100047981

calendar_today

Updated On:

Description

Error Message:

Customer will get vulnerability in their scan report.

Cause

Java version provided with InfoScale 7.4.1 is "1.8.0_181".

/opt/VRTSvlic/tele/jre/bin/java -version
java version "1.8.0_181"

 

Resolution


Public Patches & Private Hotfix has been provided to update the Java to 1.8.0_251 to overcome the vulnerability

# /opt/VRTSvlic/tele/jre/bin/java -version
java version "1.8.0_251"
Java(TM) SE Runtime Environment (build 1.8.0_251-b08)
Java HotSpot(TM) 64-Bit Server VM (build 25.251-b08, mixed mode)


Please contact Veritas Support to obtain the private Hotfix for Solaris 11.

Public patches are now available for Linux:

infoscale-rhel6_x86_64-Patch-7.4.1.1200   Link:  https://sort.veritas.com/patch/detail/15048
 
infoscale-rhel7_x86_64-Patch-7.4.1.1200   Link:  https://sort.veritas.com/patch/detail/15049
 
Recent patch   sig_licensing-rhel8_x86_64-Patch-7.4.1.300    http://patchcentral.engba.veritas.com/index.php?cmd=pdata&release_id=17709
Migrate Licensing Collector service from Java to Python
Powered by Wolken Software