Is CA Mediation Manager affected by Apache Tomcat Ghostcat (CVE-2020-1938, QID-87413)?
We are seeing an alert on the AJP connector on our scans of the CAMM host.
Release : all supported releases
Component : CAMM DISCOVERY MANAGER
The instance of Tomcat installed by CAMM does have the AJP connector enabled, but CAMM does not use it, so the connector can be disabled.
Locate the file:
/opt/CA/CAMM/WEBCAMM/conf/server.xml
Copy it and edit the original:
cp /opt/CA/CAMM/WEBCAMM/conf/server.xml /opt/CA/CAMM/WEBCAMM/conf/server.xml.original
Now change this:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
……………
To this:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!-- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->
……….
Recycle CAMM for the change to take effect.
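To confirm the edit took effect, the following added example (not part of the original article or of CAMM) parses server.xml and reports any AJP connector that is still active, then checks whether port 8009 still accepts connections. The function names are illustrative; the path and port are the ones used in the steps above.

```python
import socket
import xml.etree.ElementTree as ET

# Path and port taken from the article; pass another path to check a copy.
SERVER_XML = "/opt/CA/CAMM/WEBCAMM/conf/server.xml"
AJP_PORT = 8009


def active_ajp_connectors(xml_data):
    """Return (port, address) for every AJP <Connector> that is not commented out.

    ElementTree drops XML comments while parsing, so a connector wrapped in
    <!-- ... --> never appears in the tree and is treated as disabled.
    """
    root = ET.fromstring(xml_data)
    found = []
    for conn in root.iter("Connector"):
        # protocol may be "AJP/1.3" or a class name such as
        # org.apache.coyote.ajp.AjpNioProtocol, so match on the substring.
        if "ajp" in conn.get("protocol", "").lower():
            found.append((conn.get("port"), conn.get("address")))
    return found


def port_is_listening(port, host="127.0.0.1", timeout=2.0):
    """True if something still accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, int(port)), timeout=timeout):
            return True
    except OSError:
        return False


def main(path=SERVER_XML):
    with open(path, "rb") as fh:
        active = active_ajp_connectors(fh.read())
    for port, address in active:
        print(f"AJP connector still enabled: port={port} address={address or 'default'}")
    if not active:
        print("No active AJP connector in", path)
    if port_is_listening(AJP_PORT):
        print(f"Port {AJP_PORT} still accepts connections; has CAMM been recycled?")
    return 1 if active else 0


if __name__ == "__main__":
    raise SystemExit(main())
```

A non-zero exit status means an AJP connector is still defined in the file; a listening port with a clean file usually means the service has not been recycled yet.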
We are updating Tomcat to 8.5.51 in the CAMM build for the next release of CAMM (NetOps 20.2).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938