Guest

Preview Tool

Cisco Bug: CSCvu82549 - CIAM: tomcat 9.0.17 version upgrade

Last Modified

Jul 16, 2020

Products (1)

  • Cisco Network Convergence System 2000 Series

Known Affected Releases

4.0

Description (partial)

Current tomcat version used is vulnerable. It needs to be upgraded.

Symptom:
This product includes Third-party Software that is affected by the
vulnerabilities identified by the following Common Vulnerability and
Exposures (CVE) IDs:

CVE-2016-5425 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5425
CVE-2019-0221 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221
CVE-2019-0232 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232
CVE-2019-10072 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10072
CVE-2019-12418 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12418
CVE-2019-17563 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563
CVE-2020-1935 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1935
CVE-2020-1938 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
CVE-2020-9484 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484

This bug was opened to address the potential impact on this product.

Conditions:
Device with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.