Do the following CVEs regarding node.js affect the Centrify DirectAudit Database in any way?
CVE1 : CVE-2019-5737, CVE-2019-5739
CVE 2: CVE-2018-12121, CVE-2018-12122, CVE-2018-12123, CVE-2018-12116
Answer: Customers are encouraged to follow the instructions for patching listed in the above CVEs. DirectAudit does not use NodeJS and Centrify has no reasons to believe that the security patches will affect DirectAudit in any way. As far as post-patch verification is concerned, customers can simply use the Audit Manager console and verify the following:
A) The collectors are in connected state.
B) The Audit Store databases are in connected/online state after the patching for a successful verification.