/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
We've identified some vulnerabilities issue with Apache Tomcat which is part of the installed component of Business Objects XI.
The followings are the details: Vuln ID: 6078 Apache Tomcat HTTP Server Directory Traversal Vuln ID: 5168 Apache Tomcat
Documentation Multiple XSS Vuln ID: 5263 Apache Tomcat JCP Example Web Application XSS Vuln ID: 4100 Apache Tomcat servlet
default files installed There are recommendations such as "Remove the 'server-info' file from the HTTP document root, or
restrict access to the page to authorized IP address. The recommend removing default files from the Apache Tomcat web server"
and "Software patches or temporary workarounds address security vulnerabilities which allow malicious users to subvert security
controls" Or simply Apache Tomcat 5.0.27 or which version should we upgrade to fix the vulnerabilities and what default files
we should remove.
Read more...
Product
Keywords
Tomcat 5.0.27Tomcat 5.5.XIR1 SP1 , KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)