CVE-2017-12616 vulnerability of Tomcat. : CloudBlue Technical Support

CVE-2017-12616 vulnerability of Tomcat.

Modified on: Thu, 23 Jan, 2020 at 5:26 AM

Operations Automation

Question

A Tomcat server is vulnerable to CVE-2017-12616 in case VirtualDirContext is used. Can OA UI service be affected?

Answer

No, VirtualDirContext is not enabled by default:

[root@ui conf]# grep -r 'VirtualDirContext' /usr/local/apache-tomcat-7.0.55/conf/*
[empty output]
[root@ui conf]# grep -r 'VirtualDirContext' /usr/local/pem/etc/ui/conf/*
[empty output]

Internal content

Did you find it helpful? Yes No

Help Desk Software by Freshdesk

CVE-2017-12616 vulnerability of Tomcat.

Question

Answer

Internal content

Related Articles