Demantra Solutions - EBS (MOSC)

MOSC Banner

UPDATE! Alert! Tomcat Upgrade to 7.0.91 / 8.5.34 for Demantra 12.2.8.0 and earlier to Avoid Securit

edited Apr 1, 2019 2:32PM in Demantra Solutions - EBS (MOSC)

THIS is a NEW Security Alert Message for Tomcat users only!

APPLIES TO:

Demantra 12.2.8 and earlier versions using Apache Tomcat as the Application Server

DESCRIPTION:

Tomcat Upgrade to 7.0.91 / 8.5.34 for Demantra 12.2.8.0 and earlier

OCCURRENCE:

Apache Tomcat 9.0.12, 8.5.34, and 7.0.91 address CVE-2018-11784, which is a vulnerability that allows remote attackers to conduct redirect attacks through specially crafted URLs. Its CVSS base score is 4.3 in NVD. CVE-2018-8034 was also addressed in Apache Tomcat 9.0.10, 8.5.32, and 7.0.89.

To avoid the security issues of Tomcat, it is necessary for customers on 12.2.6.2 or earlier versions with Apache Tomcat as the Application Server to upgrade to Tomcat 7.0.91, and for customers on 12.2.6.3 through 12.2.8.0 to upgrade to Tomcat 8.5.34.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

EBS Demantra Tags

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center