
We are tracking a high-risk vulnerability on the CAMM host server: Apache Tomcat Ghostcat CVE-2020-1938, QID-87413


Article ID: 188437


Products

CA Mediation Manager

Issue/Introduction

Is CA Mediation Manager affected by:
Apache Tomcat Ghostcat CVE-2020-1938, QID-87413 

We are seeing an alert on the AJP connector on our scans of the CAMM host.

Cause

The instance of Tomcat installed by CAMM has the AJP connector enabled, but CAMM does not use it.

Environment

Release : all supported releases

Component : CAMM DISCOVERY MANAGER

Resolution

Locate the file:

/opt/CA/CAMM/WEBCAMM/conf/server.xml

Copy it and edit the original:

cp /opt/CA/CAMM/WEBCAMM/conf/server.xml /opt/CA/CAMM/WEBCAMM/conf/server.xml.original

Now change this:

<!-- Define an AJP 1.3 Connector on port 8009 -->

    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

……………

To this:

<!-- Define an AJP 1.3 Connector on port 8009 -->

  <!--  <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->

……….

Recycle CAMM so the change to server.xml takes effect.
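
To confirm the change after recycling CAMM, the following check can be run on the CAMM host. It is an added example, not part of the original article or of CAMM: it parses server.xml, reports any AJP connector that is still uncommented, and tests whether anything is still listening on port 8009. The function names and the sample XML are assumptions constructed for illustration; the file path and port are the ones given above.

```python
import socket
import sys
import xml.etree.ElementTree as ET

# Path taken from the article; pass another path as the first argument if needed.
SERVER_XML = "/opt/CA/CAMM/WEBCAMM/conf/server.xml"

# Constructed samples modelled on the article's "before" and "after" snippets
# (the HTTP connector on 8080 is invented to make the sample realistic).
AJP_LINE = '<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />'
BEFORE = f"""<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
  <!-- Define an AJP 1.3 Connector on port 8009 -->
  {AJP_LINE}
</Service></Server>"""
AFTER = BEFORE.replace(AJP_LINE, f"<!-- {AJP_LINE} -->")


def active_ajp_connectors(xml_data):
    """Return the port of every <Connector> that is still active and speaks AJP.

    ElementTree drops XML comments while parsing, so a commented-out
    connector (single- or multi-line) is not reported. Matching on "ajp"
    also catches connectors declared by class name, e.g.
    org.apache.coyote.ajp.AjpNioProtocol.
    """
    root = ET.fromstring(xml_data)
    return [c.get("port") for c in root.iter("Connector")
            if "ajp" in c.get("protocol", "").lower()]


def port_is_listening(port, host="127.0.0.1", timeout=1.0):
    """True if a TCP connect to host:port succeeds (something is still bound)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, int(port))) == 0


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else SERVER_XML
    with open(path, "rb") as fh:  # bytes: let the parser honour the XML encoding
        ports = active_ajp_connectors(fh.read())
    for p in ports:
        print(f"FAIL: active AJP connector on port {p} in {path}")
    # The running Tomcat keeps its old configuration until CAMM is recycled,
    # so test the socket even when the file itself looks clean.
    if port_is_listening(8009):
        print("FAIL: something is still listening on 127.0.0.1:8009")
        ports.append("8009")
    sys.exit(1 if ports else 0)
```

The script exits with status 0 only when no active AJP connector is found in the file and nothing answers on 127.0.0.1:8009; a vulnerability rescan of the host remains the final confirmation.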

Additional Information

We are updating Tomcat to 8.5.51 in the CAMM build for the next release of CAMM (NetOps 20.2).

 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938