Lucene search

K
ibmIBMAE33D31A0FB7255EF28BE79BC12503CDC31DB9273944374F35C9752D138DD964
HistoryJul 24, 2020 - 10:19 p.m.

Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2020-9484)

2020-07-2422:19:08
www.ibm.com
8

Summary

Multiple vulnerabilities in Open Source Apache Tomcat reported by The Apache Software Foundation affect IBM Tivoli Application Dependency Discovery Manager (TADDM)

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Tivoli Application Dependency Discovery Manager 7.3.0

Remediation/Fixes

Below eFix is prepared on top of 7.3.0.0 (7.3.0.1 - 7.3.0.7 not affected)

Fix VRMF APAR How to acquire fix
efix_tomcat70104_201411291020.zip 7.3.0.0 None Download eFix

Please get familiar with eFix readme in etc/<efix_name>_readme.txt
Note that the eFix requires manual deletion of the external/apache-tomcat directory.

Workarounds and Mitigations

The above eFix is applicable only to 7.3.0.0 and can be downloaded and applied directly.

Note: TADDM 7.3.0.1 - 7.3.0.7 are not affected as they use WebSphere Liberty Profile.

Related for AE33D31A0FB7255EF28BE79BC12503CDC31DB9273944374F35C9752D138DD964