Hi,
Our current API Gateway's are running on v9.3 (ssg-9.3.00-9006_CR04.noarch) and when we ran our security scans using Nessus Agent on the servers for scanning through Tenable, we are getting the following vulnerability error. The path it is referring to is /opt/SecureSpan/JDK/bin
Oracle Java SE 1.7.0_221 / 1.8.0_211 / 1.11.0_3 / 1.12.0_1 Multiple Vulnerabilities (Apr 2019 CPU) (Unix)The remote Unix host contains a programming platform that is affectedby multiple vulnerabilities.The scans suggest the following solution,
Upgrade to Oracle JDK / JRE 12 Update 1 , 11 Update 3, 8 Update 211 / 7 Update 221 or later. If necessary, remove any affected versions.How do we get through these errors ? Do we have any patch (with latest Java 8 update 211 or latter) readily available to remediate this issue.
I have already applied the latest monthly platform update (
CA_API_PlatformUpdate_64bit_v9.X-RHEL-2019-07-25.L7P) as well but it didn't help.
------------------------------
Thanks
Prashanth
------------------------------