Tomcat Vulnerability CVE-2025-31650
Article ID: 399271
Updated On:
Products
Clarity FedRAMP
Clarity PPM On Premise
Clarity PPM SaaS
Issue/Introduction
Is Clarity impacted with Tomcat Vulnerability CVE-2025-31650
Environment
Clarity 16.3.1, 16.3.2
Cause
Informational Document
Resolution
Clarity is not vulnerable to this CVE-2025-31650 as Clarity doesn't use HTTP 2 Priority Headers as described in the vulnerability.
However Tomcat can still be upgraded to the mitigated version of Tomcat mentioned in CVE-2025-31650
- Steps to upgrade Tomcat with Clarity
- Stop and remove all the clarity services
- Download the Tomcat from Apache Website
- Extract the downloaded Tomcat to the servers
- Edit the properties.xml and update the path of the new tomcat version
- Re deploy the services and test in around use cases
Note: If there are certificates installed please cross check and update the same to ensure its working
Feedback
Yes
No
Powered by
