Test Data Manager

  • Private Community

  • 1.  Vulnerabilities found in our TDM Platform

    Posted Aug 06, 2018 03:01 PM

    We recently found these vulnerabilities in our TDM environment:

     

    Do you know how to solve them?

     

    Thak you in advance.



  • 2.  Re: Vulnerabilities found in our TDM Platform

    Posted Aug 06, 2018 04:35 PM

    For the "default files" one, you can simply shut down the portal service and delete the webapps\ROOT directory:

    C:\Program Files\CA\CA Test Data Manager Portal\tomcat\webapps\ROOT

     

    I'm looking into the "unsupported webserver" issue further.



  • 3.  Re: Vulnerabilities found in our TDM Platform

    Posted Aug 07, 2018 03:27 PM

    The "Unsupported Web Server" notice is likely related to the version of Tomcat being used. This is being reviewed by our dev team further. No ETA for a fix at this time.



  • 4.  Re: Vulnerabilities found in our TDM Platform
    Best Answer

    Posted Aug 09, 2018 04:25 PM

    I've published the following document regarding the default files:
    Vulnerability scanning found Tomcat Default Files - CA Knowledge 

     

    I've also confirmed with development that the version of Tomcat is expected to be upgraded in a future release - this is a big change that has caused some issues which is why the delivery of that change has slipped. While I cannot commit to the release number or time-frame, it seems likely that it will be in the next release (4.7)