Vulnerabilities have been identified on these linux Servers that have the Spectrum Application Installed. Are these related / used by to the Spectrum application? Will remediating these vulnerabilities break the Spectrum Application?
Vulnerable software installed: Apache Tomcat 7.0.82 (/app/CA/spectrum/tomcat/lib/catalina.jar)
Release : 10.2.x
Component : Spectrum Core / SpectroSERVER
I looked up Tomcat 7.0.82 and I found references to vulnerability ID CVE-2018-1336.
Spectrum 10.3.1 ships with Apache Tomcat 9.0.8, so we would recommend upgrading to Spectrum 10.3.1 or higher in order to get rid of the warnings for CVE-2018-1336.
See also https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=112642 for Apache Struts vulnerability CVE-2018-11776 warnings