Hello, Community.
I am new here and this is my first post. I have to say I am having a little bit of stage fright, but still I have to ask my questions here because I cannot find any other place.
The company I work for purchased the CA IT Asset Manager some time ago. We have been using mainly the DSM Explorer to automate the remote patching process on the local workstations. When you click "About" in the "Help" tab in the application it says:
CA IT Client Manager
Version: 14.0.2000.255
We had a really experienced employee who did the administration tasks using the tool, but he has left us. Before leaving he showed some basics to his teammates, but the knowledge we possessed is really basic.
Looking for my answers on the support pages of Broadcom, I registered my account but cannot open any ticket because I do not have any sites to access.
I am not actually sure what it means and I have even attempted raising the Site Access Request clicking the link (see picture above) but the form requires some Site ID which is now known to me.
Well, that was the briefing... Now let's get to the point...
During our recent Qualys scans, the server that hosts the CA ITAM showed the CVE-2020-1938 (Ghostcat) vulnerability that has quite a high risk and needs to be patched ASAP.
Can you, please, tell me how to get rid of the CVE-2020-1938 vulnerability? Is there any patch on the Broadcom page I could download and apply on the server? Should I update the ITAM version? If so, will I not cause all the running jobs to fail?
Looking for the answers I have encountered this page:
Impact of Ghostcat (CVE-2020-1938) with Service Management r17.x
Release: 17.x
Component: SERVICE DESK MANAGER
We do not depend on AJP protocol out of the box in Service Desk Manager. Service Catalog's might be used when its made part of out of the box cluster configuration. --> AJP connector can be disabled so that the exposure of this vulnerability does not happen.
It mentions the vulnerability and the ITAM, and I have even tried out both suggested approaches, but once I have modified the Tomcat config file the application fails to run.
------------------------------
Mariusz
------------------------------