Dx Spectrum - Vulnerability information for CVE-2021-25329.

book

Article ID: 210565

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

Apache Tomcat has published a vulnerability information for CVE-2021-25329.

(1) Does the above vulnerability apply to Spectrum 10.4.1 (Oneclick)?

Cause

 CVE-2021-25329 : This can be exploited when a user gets access to a file on the server. Later he can execute the file with scripts/malware on it. This can be a concern.

Environment

Release : 10.4.1

Component : Spectrum Core / SpectroSERVER

Resolution

(1) Does the above vulnerability apply to Spectrum 10.4.1 (Oneclick)?

Ans) Yes.

 

Note : Spectrum will upgrade to 9.0.43 tomcat in the next release where this issue will be fixed.