DX Unified Infrastructure Management

  • Private Community

  • 1.  Need help fixing a vulnerability flagged by a Nessus scan

    Posted Apr 17, 2018 08:40 AM

    Hi, my security team has run a nessus scanner on the UIM main hub.  One of the main issues they identified is on port 8080 the "apache tomcat default files" needs to be removed.  Have any of you dealt with this type of issue before, I dont really want to fiddle in the UIM installation files?  Should I log a defect against the product?

     

    I checked on my installation on port 8080/index.jsp is the main " Welcome to UIM Server 8.4" page. Not sure if they refer to this, as they dont provide that much detail.  Maybe a quick fix would be to turn this tomcat off on port 8080 as we do not access it.



  • 2.  Re: Need help fixing a vulnerability flagged by a Nessus scan

    Posted Apr 17, 2018 07:12 PM

    Better option would be to open up a support ticket and provide them with the details of the vulnerability scan results . They would be able to guide you with the appropriate actions. 



  • 3.  Re: Need help fixing a vulnerability flagged by a Nessus scan

    Broadcom Employee
    Posted Apr 17, 2018 11:35 PM

    8080 is no longer used in uim 8.4.7 or greater, since it was used admin console in uim 8.4 or older.



  • 4.  Re: Need help fixing a vulnerability flagged by a Nessus scan

    Posted May 03, 2018 10:27 AM

    thread moved to CA Unified Infrastructure Management



  • 5.  Re: Need help fixing a vulnerability flagged by a Nessus scan

    Posted May 09, 2018 06:02 PM

    Mias,

    Is any more help needed for this?

    A support case for this is not possible since UIM 8.4 is past EOS.

    The way to go is upgrade to UIM 8.51.

    CA Unified Infrastructure Management - CA Unified Infrastructure Management - 8.5.1 - CA Technologies Documentation 

    The download is available from the support.ca.com site

    Unified Infrastructure Management

    CA Unified Infrastructure Management Server Installer for POC MULTI-PLATFORM