Apache Tomcat CVE-2021-24122 vulnerability for DX Infrastructure Management (UIM)

search cancel

Apache Tomcat CVE-2021-24122 vulnerability for DX Infrastructure Management (UIM)

book

Article ID: 206965

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

The following vulnerability was reported for apache tomcat versions

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106

Environment

Release: UIM 9.x, 20.1, 20.3.0

Resolution

The problem will be solved in UIM 20.3.3, targeted to be released in the next months.

In UIM 20.3.3, the version of embedded tomcat will be upgraded from 9.0.37 to 9.0.41, which has this vulnerability already solved.

Feedback

thumb_up Yes

thumb_down No