Apache Tomcat CVE-2021-24122 vulnerability for DX Infrastructure Management (UIM)

book

Article ID: 206965

calendar_today

Updated On:

Products

DX Infrastructure Management

Issue/Introduction

The following vulnerability was reported for apache tomcat versions

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106

Environment

Release : 9.x,  20.1, 20.3.0

 

Resolution

The problem will be solved in UIM 20.3.3, targeted to be released in the next months.

In UIM 20.3.3, the version of embedded tomcat will be upgraded from 9.0.37 to 9.0.41, which has this vulnerability already solved.