Test Data Manager

Expand all | Collapse all

Vulnerabilities found in our TDM Platform

Jump to Best Answer
  • 1.  Vulnerabilities found in our TDM Platform

    Posted 08-06-2018 03:01 PM

    We recently found these vulnerabilities in our TDM environment:

     

    Do you know how to solve them?

     

    Thak you in advance.



  • 2.  Re: Vulnerabilities found in our TDM Platform

    Posted 08-06-2018 04:35 PM

    For the "default files" one, you can simply shut down the portal service and delete the webapps\ROOT directory:

    C:\Program Files\CA\CA Test Data Manager Portal\tomcat\webapps\ROOT

     

    I'm looking into the "unsupported webserver" issue further.



  • 3.  Re: Vulnerabilities found in our TDM Platform

    Posted 08-07-2018 03:27 PM

    The "Unsupported Web Server" notice is likely related to the version of Tomcat being used. This is being reviewed by our dev team further. No ETA for a fix at this time.



  • 4.  Re: Vulnerabilities found in our TDM Platform
    Best Answer

    Posted 08-09-2018 04:25 PM

    I've published the following document regarding the default files:
    Vulnerability scanning found Tomcat Default Files - CA Knowledge 

     

    I've also confirmed with development that the version of Tomcat is expected to be upgraded in a future release - this is a big change that has caused some issues which is why the delivery of that change has slipped. While I cannot commit to the release number or time-frame, it seems likely that it will be in the next release (4.7)