Confirm if CVE-2020-9484 is resolved in UIM 20.3
Article ID: 202752
Updated On:
Products
DX Unified Infrastructure Management (Nimsoft / UIM)
Issue/Introduction
As per NVD article https://nvd.nist.gov/vuln/detail/CVE-2020-9484 CVE-2020-9484 is resolved in Apache Tomcat 9.0.35 and above.
Need confirmation if CVE-2020-9484 is resolved in UIM 20.3 and what is the actual Apache Tomcat version included in 20.3.
Environment
Release : 20.3
Component : UIM -OC
Resolution
CVE-2020-9484 is resolved in 20.3 as it is using Tomcat 9.0.37
UIM and OC WASP is using tomcat 9.0.37
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/unified-infrastructure-management/20-3/release-notes/third-party-software-agreements.html
Additional Information
Feedback
Yes
No
Powered by
