ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

iDash Vulnerability related to tomcat


Article ID: 223759


Updated On:


iDash Workload Automation


I've recently upgraded the Workload Automation iDash from 12.0 to ( assuming tomcat vulnerabilities will be fixed however even the upgrade could not fix it. Please advise if there is any other way of getting it fixed.


Apache Tomcat HTTP2 Client Information Disclosure Vulnerability(CVE-2020-13943)

Apache Tomcat Authentication Vulnerability (CVE-2021-30640)


Release : 12.1

Component :


We are aware of these vulnerabilities and they will be addressed in the next release of idash. We do not have a release date at this time.

We plan to upgrade Tomcat version from 8.5.57 to 8.5.66 in the next release.

CVE-2020-17527 is fixed in 8.5.60 and CVE-2020-13943 is fixed in Tomcat 8.5.58.