Apache-tomcat vulnerability found, Upgrade steps for Tomcat for Advanced Authentication
search cancel

Apache-tomcat vulnerability found, Upgrade steps for Tomcat for Advanced Authentication

book

Article ID: 237194

calendar_today

Updated On:

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Risk Authentication

Issue/Introduction

Customer has apache-tomcat 8.5.51 version on the  WebFort/Strong Authentication server, which is vulnerable and needs to be upgraded.

Which would be the suitable and latest apache-tomcat version for the Arcot server, Also provide us the steps for the upgrade?

Environment

Release : 9.x

Component : Strong Authentication

Risk Authentication

Resolution

Below are the supported Tomcat versions and you can go to the latest available on 9.x version of Tomcat to address any vulnerabilities.

Apache Tomcat 8.0.x, 8.5.x, 9.0

Here is the Platform support matrix which you should refer for supported/certified Tomcat versions.

Advanced Authentication Platform Support Matrix

This is a third party software and we do not ship this with  our product release bundles, please follow the Tomcat documentation for upgrade. At a high level the steps would be as follows:

  • Take backup of the TOMCAT_HOME/webapps directory.
  • Backup the JDBC jar file available in TOMCAT_HOME/lib directory.
  • Uninstall the Tomcat App server
  • Install the version you need to deploy.
  • Copy the JDBC jar which you copied before in TOMCAT_HOME/lib directory.
  • Copy of the contents of the backed up webapps directory to newly installed TOMCAT_HOME/webapps directory.

Note:-> Please ensure that the Updated/Upgraded Tomcat server uses the same Java as runtime. If Java is also updated/upgraded to compatible version then additionally follow these steps.

Additional Information

Powered by Wolken Software