Knowledge Doc: CVE-2024-52316 Apache Tomcat: Authentication bypass when using Jakarta Authentication API

The article points to an available hotfix that brings Tomcat to 9.0.97 or later, so that the servers are no longer reported for CVE-2024-52316.

Environment

Operations Bridge Manager (OBM) 24.2 

Situation

The OBM servers have been flagged for CVE-2024-52316 Apache Tomcat: Authentication bypass when using Jakarta Authentication API:

https://nvd.nist.gov/vuln/detail/CVE-2024-52316
https://www.cve.org/CVERecord?id=CVE-2024-52316
https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928

Does this vulnerability apply to OBM servers, and if so, is there a fix yet?

For cause and resolution, read the complete knowledge article.

Labels:

Support Tips/Knowledge Docs