Can I delete Service Catalog /jre/bin/msvcr71.dll due to OSS Vulnerability?

Document ID : KB000122521
Last Modified Date : 06/12/2018
Show Technical Document Details
Introduction:
Sometimes system administrators want to know if it is fine to delete some dlls file like /jre/bin/msvcr71.dll as some vulnerability concern. This tech doc
gives an answer to this kind of questions.
Question:
What is the impact of removing this file from service catalog? Service Catalog/jre/bin/msvcr71.dll Its flagged up by our risk team as having vulnerabilities.
Environment:
Service Catalog 14.1 and 17.1
Answer:
We will not be certified what is happened after removing the .dll file (It's not recommended to remove any .dll files it may affect in some other areas) If the client found the vulnerability they need to upgrade JRE subversion (It may resolve the vulnerability) The major upgrade of JRE will be support in future releases. Also, please report theĀ  type of vulnerability you have seen so Broadcom will do some internal investigation.