You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Kenaw, Seretseab" <se...@ecolab.com.INVALID> on 2021/10/13 18:16:22 UTC
Security Vulnerability Question
Hello,
Our IT team just notified us with a severe security vulnerability on our web application with the Tomcat version that we are using (9.0.12). What remediations can we use to quickly fix the issue?
Thank you
Seretseab Kenaw
CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain proprietary and privileged information for the use of the designated recipients named above. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
Re: Security Vulnerability Question
Posted by Mark Thomas <ma...@apache.org>.
On 13/10/2021 19:16, Kenaw, Seretseab wrote:
> Hello,
>
> Our IT team just notified us with a severe security vulnerability on our web application with the Tomcat version that we are using (9.0.12). What remediations can we use to quickly fix the issue?
Upgrade Tomcat.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Security Vulnerability Question
Posted by George Stanchev <Ge...@microfocus.com>.
Upgrade to latest?
-----Original Message-----
From: Kenaw, Seretseab <se...@ecolab.com.INVALID>
Sent: Wednesday, October 13, 2021 12:16 PM
To: users@tomcat.apache.org
Subject: Security Vulnerability Question
Hello,
Our IT team just notified us with a severe security vulnerability on our web application with the Tomcat version that we are using (9.0.12). What remediations can we use to quickly fix the issue?
Thank you
Seretseab Kenaw
CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain proprietary and privileged information for the use of the designated recipients named above. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Security Vulnerability Question
Posted by Mark Eggers <it...@yahoo.com.INVALID>.
On 10/13/2021 11:16 AM, Kenaw, Seretseab wrote:
> Hello,
>
> Our IT team just notified us with a severe security vulnerability on our web application with the Tomcat version that we are using (9.0.12). What remediations can we use to quickly fix the issue?
>
> Thank you
> Seretseab Kenaw
>
> CONFIDENTIALITY NOTICE: This e-mail communication and any attachments may contain proprietary and privileged information for the use of the designated recipients named above. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>
Update.
Your version of Tomcat is over 3 years old. There are multiple security
vulnerabilities that have been addressed since then.
See: https://tomcat.apache.org/security-9.html
. . . just my two cents
/mde/