Release Automation

 View Only
  • 1.  Source of the file ReleaseAutomationServer/scripts/xCmd.exe

    Posted Aug 08, 2019 06:43 AM
    Hi Team,

    Can you please confirm if the below file is the part of the iso provided by Broadcom for Release Automation?

    /CARA home/ReleaseAutomationServer/scripts/xCmd.exe


    Thanks,
    Saurabh


  • 2.  RE: Source of the file ReleaseAutomationServer/scripts/xCmd.exe

    Broadcom Employee
    Posted Aug 14, 2019 06:16 AM
    Hi Saurabh,
     I am assuming may be these files are identified in some security scan detection. 

    In case if they are identified in security detection, we want to mark these as false detection. Xcmd.exe and Xcmdsvc.exe are both legitimate product files which is popularly used as an alternative to PsExec for remote execution of command. There are various areas in the product which rely on underlying remote execution features like running an action on remote machine, agent upgrade etc.

    Regards,
    Saurabh

    ------------------------------
    Regards,
    Saurabh
    ------------------------------



  • 3.  RE: Source of the file ReleaseAutomationServer/scripts/xCmd.exe

    Posted Aug 14, 2019 07:27 AM
    Hi Saurabh,

    Thanks for the information.
    Indeed this file (xCmd.exe)was detected in a security scan and has been deleted.
    I will ask the team to mark this as a false positive.
    Meanwhile, can the deletion of this file create a problem in the RA server?

    -Thanks,
    Saurabh


  • 4.  RE: Source of the file ReleaseAutomationServer/scripts/xCmd.exe

    Posted Aug 14, 2019 07:50 AM
    @Saurabh Jain: Can you also share the SHA1 hash of this file?
    It is required by the Security scan team

    Thanks,
    Saurabh​