This KB includes instructions on how to verify the version of Apache Tomcat running on the Siteminder Access Gateway Server.
PRODUCT: Siteminder
COMPONENT: Access Gateway Server
VERSION: Any
OS: Linux and Windows
Siteminder Access Gateway ships bundled with with an instance of Apache Tomcat. Periodically, Common Vulnerabilities and Exposures (CVE's) are published which address various web server and application servers, such as Tomcat. You will need to be able to compare the visions published in the CVE's with the version installed on the Siteminder Access Gateway Server.
Here are steps to determine which version of Apache Tomcat is running on a Siteminder Access Gateway Server
WINDOWS
1) Open a command-prompt (cmd.exe) with elevated privileges (Run As Administrator)
2) Change to the following directory
<Install_Dir>\CA\secure-proxy\Tomcat\lib
<Install_Dir> = Root drive and path to the Siteminder Access Gateway installation
Default: C:\Program Files\CA\secure-proxy\
3) Run the following command:
java -cp catalina.jar org.apache.catalina.util.ServerInfo
LINUX
1) Change to the following directory
<Install_Dir>/CA/secure-proxy/Tomcat/lib
<Install_Dir> = Root drive and path to the Siteminder Access Gateway installation
Default: opt/CA/secure-proxy/
2) Run the following command:
java -cp catalina.jar org.apache.catalina.util.ServerInfo
You should get output similar to the following:
Server version: Apache Tomcat/9.0.86
Server built: Feb 14 2024 08:15:12 UTC
Server number: 9.0.86.0
OS Name: Linux
OS Version: 4.18.0-372.19.1.el8_6.x86_64
Architecture: amd64
JVM Version: 1.8.0_345-b01
JVM Vendor: Red Hat, Inc.