Tomcat vulnerability, CVE-2020-1938
search cancel

Tomcat vulnerability, CVE-2020-1938

book

Article ID: 187420

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

Is Privileged Identity Management vulnerable to the Tomcat CVE-2020-1938 (Ghostcat) vulnerability

Environment

Release : 12.9.x

Resolution

Even though PIM uses Tomcat version 7.0.54, which is lower than the re-mediated tomcat version (7.0.100), we are not vulnerable because we don't use port 8009.