Search Engine: Elastic

Article ID: 131497, created on Sep 21, 2017, last review on Sep 21, 2017

  • Applies to:
  • Operations Automation

Question

A Tomcat server is vulnerable to CVE-2017-12616 in case VirtualDirContext is used. Can OA UI service be affected?

Answer

No, VirtualDirContext is not enabled by default:

[root@ui conf]# grep -r 'VirtualDirContext' /usr/local/apache-tomcat-7.0.55/conf/*
[empty output]
[root@ui conf]# grep -r 'VirtualDirContext' /usr/local/pem/etc/ui/conf/*
[empty output]

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF