Is the NuGenesis Apache Tomcat implementation subject to Vulnerability CVE-2019-0232? - WKB202341
Article number: 202341
ENVIRONMENT
- NuGenesis 9 SDMS
- NuGenesis 8 SDMS
ANSWER
No.
SDMS does not use CGI, so the Tomcat configuration for SDMS doesn't enable it. Vulnerability CVE-2019-0232 requires that a server is deliberately configured in a insecure manner to invoke this bug.
It is possible to upgrade Apache Tomcat to versions not affected by this vulnerability, but it's not necessary for this specific configuration.
ADDITIONAL INFORMATION
Each Vulnerability may be different from other, should be identified and discussed separately.
id202341, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG