Helpdesk connector jar file - Nessus scan vulnerability - needs to disable Tomcat AJP
Article ID: 199233
CA Service Operations Insight (SOI)
Note that Tomcat AJP has been disabled on SOI Manager server. File: ca\soi\tomcat\conf\server.xml
<!-- Define an AJP 1.3 Connector on port 8009 -->
<!-- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->
Port 8009 becomes active once I started the Helpdesk connector.
D:\Program Files\CA\SOI\Tools>netstat -an | findstr "8009"
TCP 0.0.0.0:8009 0.0.0.0:0 LISTENING
Release : 4.2
Component : Service Operations Insight (SOI) Manager
We can disable the AJP Connector directly, or change its listening address to the localhost to fix this Ghostcat vulnerability.
Here , Mentioned Ghostcat vulnerability is part of NIM server .so please perform same steps for nim server also.
(1) Edit \CA\SOI\nimServer\conf\server.xml，find the following line ( is the Tomcat work directory):
(2) Comment out it (or just delete it):
(3) Save the edit, and then restart Tomcat.
Request to please perform the above steps in the customer environment and confirm if this resolves the reported vulnerability. For more details follow below URL