ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Tomcat vulnerability, CVE-2020-1938
book
Article ID: 187420
calendar_today
Updated On:
Products
CA Virtual Privilege ManagerCA Privileged Identity Management Endpoint (PIM)
Issue/Introduction
Is Privileged Identity Management vulnerable to the Tomcat CVE-2020-1938 (Ghostcat) vulnerability
Environment
Release : 12.9.x
Resolution
Even though PIM uses Tomcat version 7.0.54, which is lower than the re-mediated tomcat version (7.0.100), we are not vulnerable because we don't use port 8009.