Hi Saurabh,
Thanks for the information.
Indeed this file (xCmd.exe)was detected in a security scan and has been deleted.
I will ask the team to mark this as a false positive.
Meanwhile, can the deletion of this file create a problem in the RA server?
-Thanks,
Saurabh
Original Message:
Sent: 08-14-2019 06:15 AM
From: Saurabh Jain
Subject: Source of the file ReleaseAutomationServer/scripts/xCmd.exe
Hi Saurabh,
I am assuming may be these files are identified in some security scan detection.
In case if they are identified in security detection, we want to mark these as false detection. Xcmd.exe and Xcmdsvc.exe are both legitimate product files which is popularly used as an alternative to PsExec for remote execution of command. There are various areas in the product which rely on underlying remote execution features like running an action on remote machine, agent upgrade etc.
Regards,
Saurabh
------------------------------
Regards,
Saurabh
Original Message:
Sent: 08-08-2019 06:42 AM
From: Saurabh Jaiswal
Subject: Source of the file ReleaseAutomationServer/scripts/xCmd.exe
Hi Team,
Can you please confirm if the below file is the part of the iso provided by Broadcom for Release Automation?
/CARA home/ReleaseAutomationServer/scripts/xCmd.exe
Thanks,
Saurabh