search cancel

How do I edit the 'server.xml' file to address vulnerability CVE-2020-1938?

book

Article ID: 228992

calendar_today

Updated On:

Products

Vantage Storage Resource Manager

Issue/Introduction

I tried to follow the instructions from the tech doc 186130, but I need guideline on how to do this because when I edit the "/usr/lpp/CAI/vantagegmi/runtime/apache-tomcat-8.5.31/conf/server.xml" file it is in binary format. I need to comment out the APJ connector in this file to solve this vulnerability CVE-2020-1938.

 

 

 

 

 

Cause

The 'server.xml' file is an ASCII file (not a binary file).

Environment

Release : 14.0

Component : CA Vantage Graphical Management Interface

Resolution

The 'server.xml' file is an ASCII file, and must be edited as such.  The user can use ISPF =3.17 to edit this file by navigating to the appropriate path where the file resides, and then using the prefix line command 'EA' against this file ('EA' = 'Edit ASCII').  This will place the user into an EDIT session where the file can be modified and then saved.