Dx NetOps : CVE-2021-42340 - Apache Tomcat Vulnerability
Article ID: 227263
Updated On:
Products
CA Spectrum
Issue/Introduction
Affected by CVE-2021-42340
| CVE | CVSS Base Score | GITSIR's Rating | Product Name | Affected Version |
| CVE-2021-42340 | Not Available | Not Available | Apache Tomcat | Apache Tomcat 10.1.0-M1 to 10.1.0-M5 Apache Tomcat 10.0.0-M1 to 10.0.11 Apache Tomcat 9.0.40 to 9.0.53 Apache Tomcat 8.5.60 to 8.5.71 |
Environment
Release : 21.2
Component :
Resolution
The solution is to upgrade tomcat to either :
apache-tomcat-upgrade-10_0_12
apache-tomcat-upgrade-9_0_54
User story US782605 has been created for upgrading Tomcat to 9.0.54. It will be part of 21.2.6 if no issues observed during testing.
Note : This document is published in Nov-2021, it will updated once the upgrade is done.
Feedback
Yes
No
Powered by
