Java Agent 2024.09: Critical vulnerability
search cancel

Java Agent 2024.09: Critical vulnerability

book

Article ID: 393980

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope)

Issue/Introduction

Vulnerability in Java Agent 2024.09 version.

 

Component Name CVE (Vulnerability ID) Security Risk CVSS Overall Score
Apache Tomcat - 9.0.87 CVE-2025-24813 (BDSA-2025-1980) Critical    9.8

Environment

APM 10.8 SP1

Resolution

The vulnerability CVE-2025-24813 is already resolved in 25.4.1 release of APM and agents.

The Apache tomcat version has already been upgraded to 10.1.36.

Attachments

tomcat_windows_20250409.zip get_app
tomcat_linux_20250409.tar get_app
Powered by Wolken Software