The Siteminder Web Agent for Sharepoint 12.8.7 and higher bundles Tomcat 9.0.x as the application server. Tomcat versions vary by the Web Agent for Sharepoint release:
r12.8.7: Tomcat 9.0.70
r12.8.8: Tomcat 9.0.83
KB398401 (archived) delivered Tomcat 9.0.104
KB406223 (archived) delivered Tomcat 9.0.105
KB417957 (archived) delivered Tomcat 9.0.107
KB417957 (archived) delivered Tomcat 9.0.111
KB433468 (archived) delivered Tomcat 9.0.115
KB437759 (archived) delivered Tomcat 9.1.117
There have been a number of vulnerabilities in Tomcat 9.0.117 and older which are remediated in Tomcat 9.0.118.
This KB delivers Tomcat 9.0.118 for Siteminder Agent for Sharepoint 12.8.7 and higher.
For Siteminder Access Gateway see: KB441198 Vulnerabilities in Tomcat 9.0.117 and Older on Siteminder Access Gateway
NOTE: Web Agent for Sharepoint r12.52 SP01 ships with Tomcat 7.0.x
PRODUCT: Siteminder
COMPONENT: Web Agent for Sharepoint
VERSIONS IMPACTED: r12.8.7 and higher
OS: Any
The following CVEs were reported in Tomcat 9.0.117 and older. These are remediated with Tomcat 9.0.118.
CVE-2026-43515 allows unauthorized access to restricted resources
SEVERITY: Moderate
DESCRIPTION: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-43514 AJP secret compared in non-constant time
SEVERITY: Low
DESCRIPTION: The AJP secret was compared in non-constant time allowing an attacker on the local network to mount a timing attack to determine the AJP secret.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-43513 LockOutRealm treats user names as case-sensitive
SEVERITY: Low
DESCRIPTION: The LockOut Realm treated user names as case sensitive, meaning that, for Realms where the user name was case insensitive, the LockOut Realm was not as effective at blocking brute force attacks against a user's password.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-43512 Digest authenticator will authenticate any unknown user
SEVERITY: Moderate
DESCRIPTION: When DIGEST authentication was configured, any user not known to the configured Realm would be authenticated if they presented the password "null".
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-43498 WebSocket authentication header exposure
SEVERITY: Low
DESCRIPTION: If a WebSocket request was redirected after authentication, Tomcat's WebSocket client would present the most recent authentication header to the redirect target host.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-41293 HTTP/2 request headers not validated
SEVERITY: Low
DESCRIPTION: HTTP/2 request headers were not validated, which may have triggered unexpected application behaviour if the application (quite reasonably) assumed that header values exposed through the Servlet API would be specification compliant.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
CVE-2026-41284 Unbounded read in WebDAV LOCK and PROPFIND handling
SEVERITY: Low
DESCRIPTION: No limit was enforced on the request body for WebDAV LOCK or PROPFIND requests which were available to unauthenticated users.
IMPACTED: Tomcat 9.0.0-M1 through 9.0.117
REMEDIATED: Apache Tomcat 9.0.118
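To decide how urgently CVE-2026-43515 applies to a given deployment, the following added example (not code from this KB, Broadcom or Apache) scans a deployment descriptor for the condition the description names: the same extension pattern carrying HTTP method constraints in more than one security constraint. The function names and the sample web.xml are constructed for illustration; a hit is a candidate for review, not proof of exposure.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample web.xml (not taken from the product or from Tomcat).
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>read</web-resource-name>
      <url-pattern>*.jsp</url-pattern><http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>user</role-name></auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>write</web-resource-name>
      <url-pattern>*.jsp</url-pattern><url-pattern>*.do</url-pattern>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
  </security-constraint>
</web-app>"""
METHOD_TAGS = ("http-method", "http-method-omission")

def local(tag):
    """Drop the XML namespace so Java EE and Jakarta EE descriptors both match."""
    return tag.rsplit("}", 1)[-1]

def shared_extension_method_constraints(web_xml_text):
    """Return {'*.ext': [(constraint_no, [method rules]), ...]} for extension
    patterns that carry method constraints in two or more security constraints."""
    root = ET.fromstring(web_xml_text)
    found = defaultdict(list)
    constraints = [e for e in root.iter() if local(e.tag) == "security-constraint"]
    for number, constraint in enumerate(constraints, start=1):
        for coll in constraint:
            if local(coll.tag) != "web-resource-collection":
                continue
            rules = [f"{local(c.tag)}={c.text.strip()}" for c in coll
                     if local(c.tag) in METHOD_TAGS and c.text]
            for child in coll:
                pattern = (child.text or "").strip()
                if rules and local(child.tag) == "url-pattern" and pattern.startswith("*."):
                    found[pattern].append((number, rules))
    return {p: hits for p, hits in found.items() if len({n for n, _ in hits}) > 1}

if __name__ == "__main__":
    for pattern, hits in shared_extension_method_constraints(SAMPLE_WEB_XML).items():
        print(f"{pattern}: review on Tomcat 9.0.117 and older -> {hits}")
```

To audit a real application, pass the text of its WEB-INF/web.xml to `shared_extension_method_constraints`.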
How to Verify The Version of Tomcat on Siteminder Web Agent For Sharepoint
1) Download the 'Tomcat_9.0.118.zip' (attached to this KB)
2) Copy 'Tomcat_9.0.118.zip' to the Web Agent for Sharepoint Server and unzip it.
3) Stop the Web Agent for Sharepoint Server
4) Back-up the <Install_Dir>\Agent-for-SharePoint\Tomcat\lib\ directory
EXAMPLE: cp -R /<Install_Dir>/Agent-for-SharePoint/Tomcat/lib/ /<Install_Dir>/Agent-for-SharePoint/Tomcat/lib-BAK
5) Back-up the <Install_Dir>\Agent-for-SharePoint\Tomcat\bin directory
EXAMPLE: cp -R /<Install_Dir>/Agent-for-SharePoint/Tomcat/bin/ /<Install_Dir>/Agent-for-SharePoint/Tomcat/bin-BAK
6) Copy the following jar files from "/Tomcat_9.0.117/lib" to "<Install_Dir>/Agent-for-SharePoint/Tomcat/lib"
websocket-api.jar
tomcat-websocket.jar
tomcat-util-scan.jar
tomcat-util.jar
tomcat-jni.jar
tomcat-jdbc.jar
tomcat-i18n-zh-CN.jar
tomcat-i18n-ru.jar
tomcat-i18n-pt-BR.jar
tomcat-i18n-ko.jar
tomcat-i18n-ja.jar
tomcat-i18n-fr.jar
tomcat-i18n-es.jar
tomcat-i18n-de.jar
tomcat-i18n-cs.jar
tomcat-dbcp.jar
tomcat-coyote-ffm.jar
tomcat-coyote.jar
tomcat-api.jar
servlet-api.jar
jsp-api.jar
jaspic-api.jar
jasper-el.jar
jasper.jar
el-api.jar
ecj-4.20.jar
catalina-tribes.jar
catalina-storeconfig.jar
catalina-ssi.jar
catalina-ha.jar
catalina-ant.jar
catalina.jar
annotations-api.jar
NOTE: Copy the files from the source directory to the target directory. Do not copy the /bin and /lib directories themselves.
EXAMPLE: cp -rf /<Tomcat_9.0.118>/lib/* /<Install_Dir>/Agent-for-SharePoint/Tomcat/lib/
7) Copy the following jar files from "Tomcat_9.0.117/bin" to "<Install_Dir>/Agent-for-SharePoint/Tomcat/bin"
bootstrap.jar
commons-daemon.jar
tomcat-juli.jar
NOTE: Copy the files from the source directory to the target directory. Do not copy the /bin and /lib directories themselves.
EXAMPLE:
cp -rf /<Tomcat_9.0.118>/bin/* /<Install_Dir>/Agent-for-SharePoint/Tomcat/bin/
8a) Linux - back up your /<Install_Dir>/Agent-for-SharePoint/proxy-engine/ProxyServer.sh and add the classpath entry for tomcat-juli.jar
Example:
SM_PROXY_CP=${TOMCAT_HOME}/bin/proxybootstrap.jar:${TOMCAT_HOME}/properties:${NETE_SPS_ROOT}/resources:${JAVA_HOME}/lib/tools.jar:${JAVA_HOME}/lib/tools.jar:${TOMCAT_HOME}/bin/bootstrap.jar:${TOMCAT_HOME}/bin/tomcat-juli.jar:${TOMCAT_HOME}/lib/smi18n.jar:${NETE_SPS_ROOT}/agentframework/java/bc-fips-1.0.2.4.jar
8b) Windows - back up your \Agent-for-SharePoint\proxy-engine\conf\SmSpsProxyEngine.properties and add the classpath entry for tomcat-juli.jar
Example:
NETE_SPS_PROXYENGINE_CMD="%NETE_SPS_JAVA_HOME%\bin\java.exe" -Xms512m -Xmx1024m -XX:MaxMetaspaceSize=256M -Dcatalina.base="%NETE_SPS_TOMCAT_HOME%" -Dcatalina.home="%NETE_SPS_TOMCAT_HOME%" -Djava.endorsed.dirs="%NETE_SPS_TOMCAT_HOME%\endorsed" -Djava.endorsed.dirs="%NETE_SPS_TOMCAT_HOME%\endorsed" -Djava.io.tmpdir="%NETE_SPS_TOMCAT_HOME%\temp" -DSM_AGENT_LOG_CONFIG="%STS_AGENT_LOG_CONFIG_FILE%" -Dfile.encoding=UTF8 -DIWACONFIGHOME="%IWACONFIGHOME%" -Dlogger.properties="%NETE_SPS_TOMCAT_HOME%\properties\logger.properties" -classpath "%NETE_SPS_TOMCAT_HOME%\bin\proxybootstrap.jar;%NETE_SPS_TOMCAT_HOME%\bin\tomcat-juli.jar;%NETE_SPS_TOMCAT_HOME%\properties;%NETE_SPS_JAVA_HOME%\lib\tools.jar;%NETE_SPS_JAVA_HOME%\lib\tools.jar;%NETE_SPS_TOMCAT_HOME%\bin\bootstrap.jar;%NETE_SPS_ROOT%\resources;%NETE_SPS_ROOT%\agentframework\java\bc-fips-1.0.2.4.jar" com.netegrity.proxy.ProxyBootstrap -config "%NETE_SPS_ROOT%/proxy-engine/conf/server.conf"
9) Start the Agent for Sharepoint Server.
10) Once functionality has been verified, you can delete the backed-up directories:
/<Install_Dir>/Agent-for-SharePoint/Tomcat/lib-BAK
/<Install_Dir>/Agent-for-SharePoint/Tomcat/bin-BAK
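A post-upgrade check for steps 6 to 8, as an added example (not part of this KB or of the product): it reads the version Tomcat records in org/apache/catalina/util/ServerInfo.properties inside catalina.jar, confirms the three bin jars from step 7 are present, and confirms tomcat-juli.jar appears on an uncommented line of the launcher file from step 8. The function names are hypothetical and the directory tree built for the dry run is constructed data.

```python
import re, sys, tempfile, zipfile
from pathlib import Path

REQUIRED = (9, 0, 118)  # Tomcat version this KB delivers
SERVER_INFO = "org/apache/catalina/util/ServerInfo.properties"  # inside catalina.jar
BIN_JARS = ("bootstrap.jar", "commons-daemon.jar", "tomcat-juli.jar")  # step 7

def tomcat_version(catalina_jar):
    """Read server.number (e.g. 9.0.118.0) from inside catalina.jar."""
    with zipfile.ZipFile(catalina_jar) as jar:
        text = jar.read(SERVER_INFO).decode("iso-8859-1")
    match = re.search(r"^server\.number=(\d+)\.(\d+)\.(\d+)", text, re.M)
    if not match:
        raise ValueError(f"no server.number in {catalina_jar}")
    return tuple(int(part) for part in match.groups())

def verify_upgrade(tomcat_home, launcher_config):
    """Return a list of problems; an empty list means steps 6 to 8 took effect."""
    home, problems = Path(tomcat_home), []
    version = tomcat_version(home / "lib" / "catalina.jar")
    if version < REQUIRED:
        problems.append("catalina.jar reports " + ".".join(map(str, version)))
    problems += [f"missing bin/{n}" for n in BIN_JARS if not (home / "bin" / n).is_file()]
    lines = Path(launcher_config).read_text(errors="replace").splitlines()
    # Ignore commented-out lines so an old, disabled classpath does not pass.
    if not any("tomcat-juli.jar" in ln for ln in lines if not ln.lstrip().startswith("#")):
        problems.append("tomcat-juli.jar is not on the launcher classpath")
    return problems

def build_constructed_tree(root, number):
    """Create a stand-in Tomcat directory (constructed data) for a dry run."""
    root = Path(root)
    for sub in ("lib", "bin"):
        (root / sub).mkdir(parents=True)
    with zipfile.ZipFile(root / "lib" / "catalina.jar", "w") as jar:
        jar.writestr(SERVER_INFO, f"server.info=Apache Tomcat/{number}\nserver.number={number}.0\n")
    for name in BIN_JARS:
        (root / "bin" / name).touch()
    launcher = root / "ProxyServer.sh"
    launcher.write_text("SM_PROXY_CP=${TOMCAT_HOME}/bin/tomcat-juli.jar\n")
    return launcher

if __name__ == "__main__":
    # Real use: script.py <Tomcat dir> <ProxyServer.sh | SmSpsProxyEngine.properties>
    home, cfg = sys.argv[1:3] if len(sys.argv) > 2 else (None, None)
    if home is None:
        home = tempfile.mkdtemp()
        cfg = build_constructed_tree(home, "9.0.117")
    print(verify_upgrade(home, cfg) or "OK")
```

Run without arguments it exercises the constructed tree and reports the stale version; run with the Tomcat directory and launcher file as arguments it checks a real installation.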
How to Verify The Version of Tomcat on Siteminder Web Agent For Sharepoint
KB441198 Vulnerabilities in Tomcat 9.0.117 and Older on Siteminder Access Gateway
Fixed_in_Apache_Tomcat_9.0.118
Vulnerabilities in Tomcat 9.0.118 and older:
CVE-2026-43515
CVE-2026-43514
CVE-2026-43513
CVE-2026-43512
CVE-2026-42498
CVE-2026-41293
CVE-2026-41284
CVE-2026-34500
CVE-2026-34487
CVE-2026-34486
CVE-2025-34483
CVE-2026-32990
CVE-2026-29146
CVE-2026-29145
CVE-2026-29129
CVE-2026-25854
CVE-2026-24880
CVE-2026-24734
CVE-2026-24733
CVE-2025-66614
CVE-2025-61795
CVE-2025-55754
CVE-2025-48989
CVE-2025-52434
CVE-2025-52520
CVE-2025-53506
CVE-2025-49125
CVE-2025-49124
CVE-2025-48988
CVE-2025-18976
CVE-2025-46701
CVE-2025-31651
CVE-2025-31650
CVE-2028-24813
CVE-2024-56337
CVE-2024-54677
CVE-2024-50379
CVE-2024-52318
CVE-2024-52317
CVE-2024-52316
CVE-2024-34750
CVE-2024-38286
CVE-2024-23672
CVE-2024-24549
CVE-2023-46589
CVE-2023-45648
CVE-2023-44487
CVE-2023-42795
CVE-2023-42794
CVE-2023-41080
CVE-2023-34981
CVE-2023-28709
CVE-2023-28708
CVE-2023-24998