We just went from 2 physical MWGs to 2 virtual machines, due to a data center move. After vulnerability scanning the new proxies, we are getting a handful of High CentOS vulnerabilities, which makes sense since the OS had to be set to "CentOS 64bit, version 7" according to the install documentation.
How can we remediate these vulnerabilities? Does McAfee provide new images when new vulnerabilities are discovered in their image? Is there a way to do it from inside the MWG console? Any information is appreciated.
Thank you for the reply.
I'd rather not put the vulnerabilities in a forum. I'll submit a support ticket with the actual vulnerabilities.
My purpose with this post was just to understand how new vulnerabilities are fixed...does a new MWG image have to be applied or is there a way that CentOS gets updates within the console?
Hope you are doing well.
So generally if any vulnerbaility for which MWG is affected is being taken care of in upcoming versions and if required is backported in current/previous versions.
I'm going ahead and doing the normal "Update appliance software" to see if that fixes the vulnerabilities. This is my first time doing it in the virtual setting so fingers crossed it doesn't behave differently than the physical boxes.
I would suggest to open a ticket with support and provide the vulnerabilities detected over their .
If possible ping me the SR number, so that i can take a look on it.