Is CA Mediation Manager affected by Apache Tomcat Ghostcat CVE-2020-1938, QID-87413?
We are seeing an alert on the AJP connector on our scans of the CAMM host.
The instance of Tomcat installed by CAMM does have the AJP connector enabled, but it is not used by CAMM.
Release : all supported releases
Component : CAMM DISCOVERY MANAGER
Locate the file:
/opt/CA/CAMM/WEBCAMM/conf/server.xml
Copy it and edit the original:
cp /opt/CA/CAMM/WEBCAMM/conf/server.xml /opt/CA/CAMM/WEBCAMM/conf/server.xml.original
Now change this:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
……………
To this:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!-- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->
……….
Recycle CAMM
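To confirm the edit, a plain grep for AJP is not enough, because it also matches the commented-out line. The script below is an added example, not part of the vendor procedure: it strips XML comments from server.xml and reports any Connector element that still uses an AJP protocol. The function names are hypothetical; the default path is the one used above.

```shell
#!/bin/sh
# Added example (not vendor code): report AJP connectors that are still
# active in a Tomcat server.xml. A plain grep would also match the
# commented-out line, so XML comments are removed first.

# Strip <!-- ... --> comments, including ones that span several lines.
strip_xml_comments() {
    awk '
    {
        line = $0; out = ""
        while (length(line) > 0) {
            if (in_comment) {
                p = index(line, "-->")
                if (p == 0) break
                line = substr(line, p + 3); in_comment = 0
            } else {
                p = index(line, "<!--")
                if (p == 0) { out = out line; break }
                out = out substr(line, 1, p - 1)
                line = substr(line, p + 4); in_comment = 1
            }
        }
        print out
    }' "$1"
}

# Print active <Connector> elements whose protocol is AJP/1.3 or an
# AJP implementation class name (matched case-insensitively on "ajp").
active_ajp_connectors() {
    strip_xml_comments "$1" | tr '\n' ' ' |
        grep -o '<Connector[^>]*>' | grep -i 'protocol="[^"]*ajp'
}

# Exit 0 when no AJP connector is active, 1 when one is, 2 on read error.
# The default path is the one given in the article.
check_ajp_disabled() {
    conf=${1:-/opt/CA/CAMM/WEBCAMM/conf/server.xml}
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    found=$(active_ajp_connectors "$conf") || true
    if [ -n "$found" ]; then
        printf 'AJP connector still active in %s:\n%s\n' "$conf" "$found"
        return 1
    fi
    echo "no active AJP connector in $conf"
}

# Run only when a server.xml path is passed on the command line.
if [ $# -gt 0 ]; then check_ajp_disabled "$1"; fi
```

Run it against server.xml after the edit and before recycling CAMM; a non-zero exit status means the connector definition is still live.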
We are updating Tomcat to 8.5.51 in the CAMM build in the next release of CAMM (NetOps 20.2).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938