Security vulnerabilities (CVE-51192 and CVE-57582) reported for VCS Authentication Server vcsauthserver process on port 14149
Problem
Security vulnerabilities (CVE-51192 and CVE-57582) reported for VCS Authentication Server vcsauthserver process on port 14149
Error Message
3rd party vulnerability report stated:
"Security vulnerability Definition: SSL Certificate Cannot Be Trusted" against port 14149
Cause
The service which runs on port “14149” is “vcsauthserver” whose only job is to act as Internal CA authority. This service issues digital certificates for other VCS services which are used for SSL communication.
vcsauthserver (port:14149) self-signs its own certificate and then signs certs for other VCS services like HAD,CMDSERVER,CPSERVER. These services use these certificates for authentication and encryption of traffic.
Solution
Since vcsauthserver is an internal-only service, the reported vulnerabilities can be safely ignored.
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.