Apache Tomcat in JS affected by a vulnerability CVE-2021-30640”
search cancel

Apache Tomcat in JS affected by a vulnerability CVE-2021-30640”

book

Article ID: 269393

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

Our security team detected a vulnerability CVE-2021-30640 on our Apache Tomcat in JS reporting server where the Apache Tomcat version 9.0.37 was installed and suggested we should upgrade the Apache Tomcat version to  9.0.46 or later 

 

Environment

Release : 16.0.2

Resolution

  • Jaspersoft 7.8 or 8.1.1 is not impacted with the vulnerability
  • This vulnerability is for JNDI realm and Jaspersoft implementation with clarity JNDI is not used.
Powered by Wolken Software