ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Jetty Vulnerabilities CVE-2019-10247 and CVE-2019-10241


Article ID: 143856


Updated On:


CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management


The security team has detected the following vulnerabilities on the environments where APM is installed on and would like to know whether they are affected:

Vulnerability Details : CVE-2019-10241

Vulnerability Details : CVE-2019-10247


APM 10.7.0



These vulnerabilities are only applicable if jetty directory listing is enabled, however, by default, APM disables directory listing and doesn't provide any configuration to enable this. In conclusion, these vulnerabilities are not applicable to APM or APM is not affected by these vulnerabilities.