Service Desk Manager VA--Apache Tomcat Request Mix-up Vulnerability (May 2022) CVE-2022-25762
search cancel

Service Desk Manager VA--Apache Tomcat Request Mix-up Vulnerability (May 2022) CVE-2022-25762

book

Article ID: 275173

calendar_today

Updated On:

Products

CA Service Desk Manager

Issue/Introduction

Is Service Desk Manager impacted by CVE-2022-25762

 

Environment

Release : 17.3

Resolution

You would need to make sure SDM Tomcat is on version 9.0.58 

Check NX.env file for 

@NX_TOMCAT_INSTALL_DIR=C:/Program Files (x86)/CA/SC/tomcat/9.0.58

if it is a lower version you would need to upgrade to 9.0.58. Once SDM Tomcat runs on 9.0.58 then it is not impacted by CVE-2022-25762

Note: if you are on RU14+ patch level, your Tomcat should have version 9.0.58.

Additional Information

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25762

Powered by Wolken Software