Vulnerabilities in Tomcat 8.5.30 for CABI
Article ID: 224019
Updated On:
Products
CA Service Operations Insight (SOI)
Issue/Introduction
Security Team has provided information about several vulnerabilities related to the Tomcat version 8.5.30 used for CABI.
The affected CVEs are:
CVE-2021-33037
CVE-2021-35517
CVE-2021-30639
CVE-2021-30640
CVE-2021-36090
CVE-2021-35516
CVE-2021-35515
The following versions are affected:
Apache Tomcat 8 all versions =< Apache Tomcat -> 8.5.66
A fix is required with latest Tomcat version 8.5.69
Environment
Release : 4.2
Component : Service Operations Insight (SOI) Manager
Using CABI 7.1.1
Cause
This information is specific to SOI - CABI 7.1.1 integration.
Not advised for use with other CABI versions or integration with other Broadcom products.
Resolution
The Tomcat provided with CABI 7.1.1 can be upgraded to 8.5.70 by replacing some files from the existing CABI Tomcat installation.
Please follow the below steps.
1. Stop 'CA Business Intelligence Tomcat' service
2. Go to the below location
CA\SC\CA Business Intelligence\apache-tomcat
3. Take a backup of the above apache-tomcat folder
4. Download the attached zip file and replace the files under apache-tomcat
5. Start 'CA Business Intelligence Tomcat' service.
Additional Information
Attachments
Feedback
Yes
No
Powered by
