Tomcat Vulnerability CVE-2025-48989

search cancel

Tomcat Vulnerability CVE-2025-48989

book

Article ID: 407951

calendar_today

Updated On:

Products

CA Service Management - Service Desk Manager

Issue/Introduction

Does the Tomcat vulnerability CVE-2025-48989 affect to Service Desk Manager?

Environment

CA Service Desk Manager 17.4

Resolution

The vulnerability does not affect SDM 17.4 as out of the box, only HTTP/1.1 protocol is supported. Any configurations made to implement HTTP/2 are NOT supported/certified and NOT recommended. We recommend backing out of any configurations in place that implemented http/2.

Additional Information

The HTTP2 Upgrade Protocol

http2 protocol support in Service desk

HTTP/2 Vulnerability (CVE-2023-44487)

Feedback

thumb_up Yes

thumb_down No