NEW Tomcat Upgrade to 7.0.79 for Demantra 12.2.6.2 and Earlier to Avoid Public Security Issues
Apache Tomcat versions 6.0.48, 7.0.73, 8.0.39, 8.5.7, and 9.0.0.M12 addressed multiple security issues, including CVE-2016-8735 (CVSS 9.8). Later versions have addressed many other vulnerabilities, including CVE-2017-5664 (CVSS 7.5). See the Apache Tomcat website for more information about vulnerabilities addressed: http://tomcat.apache.org/security.html
It is necessary for customers using Apache Tomcat as the Application Server with Demantra 12.2.6.2 and earlier versions to upgrade to Tomcat 7.0.79 to avoid the public security issues of Tomcat.
Please see MOS Note:2316594.1 NEW Tomcat Upgrade to 7.0.79 for Demantra 12.2.6.2 and Earlier to Avoid Public Security Issues
For Demantra 7.3.1.5.2 and below, please upgrade to Tomcat 7.0.79 -32bit with the following steps: