We have apache-tomcat 8.5.51 version on the Arcot Webfort/Strong Authentication server, which is vulnerable and needs to be upgraded.
Please let us know which would be the suitable and latest apache-tomcat version for the Arcot server.
Also provide us the steps for the upgrade.
Release : 9.1
Component : Strong Authentication
These are the supported Tomcat versions and you can go to the latest available on 9.x version of Tomcat to address any vulnerabilities.
Apache Tomcat 8.0.x, 8.5.x, 9.0
Here is the Platform support matrix which you should refer for any compatibility.
This is a third party software and We do not ship this in our product, please follow the Tomcat documentation for upgrade. Normally you should do something like this.