[Linux-PowerEdge] [Security Alert] srvadmin-jre-9.3.0-3465.14818.el7.x86_64 vulnerable

mr.zbiggy mr.zbiggy at upcpoczta.pl
Wed Nov 27 14:03:45 CST 2019


[EXTERNAL EMAIL] 

Hi,

Nessus Security Scanner:
CRITICAL 1000 Oracle Java JRE Unsupported Version Detection (Unix)
MEDIUM 500 Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix)
The following Java JRE installation is unsupported :

Path              : /opt/dell/srvadmin/lib64/openmanage/
Installed version : 1.10.0_1
Latest versions   : 1.8.0_211 / 1.11.0_03 / 1.12.0_1
Support dates     : 2018-10-01 (end of life)

This outdated, unsupported java is installed by package:
srvadmin-jre-9.3.0-3465.14818.el7.x86_64

Description:
According to its self-reported version number, at least one installation
of Oracle (formerly Sun) Java JRE on the remote host is no longer
supported. Lack of support implies that no new security patches for the
product will be released by the vendor. As a result, it is likely to
contain security vulnerabilities. Note that Oracle does provide support
contracts under the 'Oracle Lifetime Support' program. If the detected
JRE is supported under this program, this may be a false positive.

Diagnosis:
The remote host contains one or more unsupported versions of the Oracle
Java JRE.

Solution:
Upgrade to a version of Oracle Java JRE that is currently supported.

greetings,
Zbigniew



More information about the Linux-PowerEdge mailing list