Some Symantec products containing web components may trigger security auditing software

Article:TECH141278  |  Created: 2010-10-05  |  Updated: 2011-01-13  |  Article URL http://www.symantec.com/docs/TECH141278
Article Type
Technical Solution


Issue



Depending on the security auditing products used and the level of granularity at which "risks" are logged, some NetBackup products which include a web interface may be generate version-based alerts during regular security audits.

Affected products include:

  • NetBackup Operations Manager (NOM) 6.x
  • Vertias Backup Reporter (VBR) 6.x
  • OpsCenter (includes OpsCenter Analytics) 7.0 and 7.0.1

It is important to note that these products as installed/configured are not considered "vulnerable" and no known exploits of these products exist, nor are known to have been reported at the time of this writing.
 


Solution



OpsCenter will contain updated web components in an upcoming release and Symantec has released an EEB package as an interim update (see workaround) for those customers who wish to apply it.  A formal resolution to this issue is expected in the following release:

  • NetBackup OpsCenter 7.1, expected to be released in the first quarter of 2011

There are no further plans for release updates to both NOM and VBR.  Users of those products are encouraged to upgrade to OpsCenter and OpsCenter Analytics 7.x.

Workaround

For OpsCenter 7.0 and 7.0.1, an EEB package is available which will update web components.  Please contact Symantec technical support, referencing this document ID and Etrack 2109526 to obtain this package.
 


Supplemental Materials

SourceETrack
Value2109642




Article URL http://www.symantec.com/docs/TECH141278


Terms of use for this information are found in Legal Notices