search cancel

Symantec Identity Manager - CVE-2021-33037 Apache Tomcat HTTP request smuggling


Article ID: 225893


Updated On:


CA Identity Manager CA Identity Suite


As per the link below, Tomcat is vulnerable to HTTP request smuggling.

The TOMCAT version that came integrated with CABI 7.1.1 is vulnerable.

What is the upgrade process for Tomcat from 8.5.30 be upgraded to 8.5.68 or higher?


Release : 14.3

Component :


Download the most recent minor release of Tomcat 8.5.X from the below link:

For upgrading the minor version you can try the below steps before doing a reinstall.

1) Back up your current Tomcat directory -- just in case
2) Download and extract the new version to a local directory
3) Stop Tomcat
4) Replace the files in /old-tomcat/lib with files from /new-tomcat/lib
5) Start Tomcat

Reference the below guide from Apache for further information: