CVE-2020-1938 - Tomcat Vulnerability "GhostCat"

Article ID: 185355

Products

CA Spectrum, CA eHealth

Issue/Introduction

Is Spectrum impacted by the CVE-2020-1938 (GhostCat) vulnerability?

https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487

Environment

Release: 10.4.x, 10.3.x

Component: Spectrum OneClick

Resolution

Spectrum is not vulnerable, as we do not enable the AJP port in our Tomcat configuration.
The Spectrum WebTomcat DOES have the AJP connector port enabled, but since we do not use it, the connector can be turned off by commenting it out:

1. Edit the $SPECROOT/webtomcat/conf/server.xml file.
2. Comment out the AJP connector section as seen below:

3. Save the file and restart the Spectrum WebTomcat service by running:

$SPECROOT/webtomcat/bin/stopWebTomcat.sh
$SPECROOT/webtomcat/bin/startWebTomcat.sh
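To confirm the change took effect, the following added script (not code from this article or from the Spectrum product) scans a server.xml for an AJP <Connector> that is still outside an XML comment, which is exactly the condition step 2 removes. It assumes the stock Tomcat server.xml syntax; the server.xml excerpts it writes for its own demonstration are constructed samples in that format, not Spectrum's shipped file, and the default path is the WebTomcat file named in step 1.

```shell
#!/bin/sh
# Added example, not code from the Broadcom article or the Spectrum product:
# reports whether a Tomcat server.xml still declares an AJP <Connector>
# outside XML comments, i.e. whether the fix above has actually been applied.
# Assumes the stock Tomcat server.xml syntax; the default path below is the
# WebTomcat file named in the article.

# ajp_connector_active FILE
#   exit 0 if FILE has an AJP connector that is not commented out, 1 if not,
#   2 if FILE cannot be read. Comments are stripped first, so a connector
#   wrapped in <!-- ... --> (the article's fix) counts as inactive.
ajp_connector_active() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        BEGIN { incomment = 0; found = 0 }
        {
            line = $0; out = ""
            # Remove every <!-- ... --> region, including ones spanning lines.
            while (length(line) > 0) {
                if (incomment) {
                    p = index(line, "-->")
                    if (p == 0) { line = ""; break }
                    line = substr(line, p + 3); incomment = 0
                } else {
                    p = index(line, "<!--")
                    if (p == 0) { out = out line; line = ""; break }
                    out = out substr(line, 1, p - 1)
                    line = substr(line, p + 4); incomment = 1
                }
            }
            # AJP can be selected by the short protocol name or by the
            # Coyote AJP class name; either one outside a comment counts.
            if (out ~ /protocol="(AJP\/1\.3|org\.apache\.coyote\.ajp\.Ajp[A-Za-z0-9]*Protocol)"/) found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# check_webtomcat [FILE]
#   Wraps the check with a human-readable verdict; defaults to the Spectrum
#   WebTomcat server.xml. Returns 0 only when no active AJP connector remains.
check_webtomcat() {
    f="${1:-$SPECROOT/webtomcat/conf/server.xml}"
    rc=0
    ajp_connector_active "$f" || rc=$?
    case $rc in
        0) echo "AJP connector still ACTIVE in $f: comment it out and restart WebTomcat"; return 1 ;;
        1) echo "no active AJP connector in $f"; return 0 ;;
        *) return 2 ;;
    esac
}

# write_sample DIR KIND
#   Writes a constructed server.xml fragment (sample data, not a real Spectrum
#   file) and prints its path. KIND "active" mirrors a stock Tomcat AJP
#   connector; KIND "fixed" has the same element wrapped in an XML comment.
write_sample() {
    f="$1/server-$2.xml"
    {
        echo '<Server port="8005" shutdown="SHUTDOWN">'
        echo '  <Service name="Catalina">'
        echo '    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />'
        echo '    <!-- Define an AJP 1.3 Connector on port 8009 -->'
        [ "$2" = "fixed" ] && echo '    <!--'
        echo '    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />'
        [ "$2" = "fixed" ] && echo '    -->'
        echo '  </Service>'
        echo '</Server>'
    } > "$f"
    echo "$f"
}
```

Run check_webtomcat with no argument on the Spectrum host after the restart; a non-zero exit means the connector is still live in the file. As a second, independent check, confirm after the restart that nothing is listening on the AJP port with a socket listing such as ss -ltn (or netstat -ltn on older systems), since the file check only proves the configuration was edited, not that the running service picked it up.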