Security Team informed us about several vulnerabilities related to the tomcat version 8.5.30 used for CABI.
The affected CVEs are:-
The following versions are affected:
Apache Tomcat 8 all versions =< Apache Tomcat -> 8.5.66
This information is specific to SOI - CABI 7.1.1 integration.
Not advised for use with other CABI versions or integration with other Broadcom products.
SERVICE OPERATIONS INSIGHT 4.2
To mitigate these vulnerabilities, you must upgrade the tomcat version to 8.5.70. Follow these steps:
After replacing the files in the apache-tomcat folder, port number is changed to default.
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>