Impact of CVE-2020-9484 (Apache Tomcat) Vulnerability in DLO

Article ID: 100048580

Description

Reference:

More information on this vulnerability can be found at the National Vulnerability Database at the following link:
https://nvd.nist.gov/vuln/detail/CVE-2020-9484

Resolution

Veritas Desktop and Laptop Option (DLO) is not affected by this vulnerability.

The vulnerability can only be exploited if the PersistenceManager is used with a FileStore, a configuration that DLO does not use. This option is not enabled on either the Dedupe or IO server options that use Apache Tomcat in DLO.
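
One way to confirm this precondition on any Tomcat instance, shown as an added example (not Veritas or Apache code): the script parses a context.xml or server.xml and reports every Manager that pairs Tomcat's PersistentManager class with a FileStore. The sample XML is constructed and the function name is hypothetical.

```python
import xml.etree.ElementTree as ET

# Real Tomcat class names; the advisory text calls the first "PersistenceManager".
PERSISTENT_MANAGER = "org.apache.catalina.session.PersistentManager"
FILE_STORE = "org.apache.catalina.session.FileStore"

# Constructed sample: the risky block is commented out, so it is inactive.
SAMPLE_INACTIVE = """<Context>
  <WatchedResource>WEB-INF/web.xml</WatchedResource>
  <!-- <Manager className="org.apache.catalina.session.PersistentManager">
         <Store className="org.apache.catalina.session.FileStore" directory="sessions"/>
       </Manager> -->
  <Manager pathname="" />
</Context>"""

# Constructed sample: PersistentManager backed by a FileStore is active.
SAMPLE_ACTIVE = """<Context>
  <Manager className="org.apache.catalina.session.PersistentManager">
    <Store className="org.apache.catalina.session.FileStore" directory="sessions"/>
  </Manager>
</Context>"""


def find_filestore_managers(xml_text):
    """Return the Store directory of each PersistentManager + FileStore pairing.

    A real XML parser is used instead of a text search so that commented-out
    <Manager> blocks are not reported as active configuration.
    """
    root = ET.fromstring(xml_text)
    directories = []
    for manager in root.iter("Manager"):
        if manager.get("className", "").strip() != PERSISTENT_MANAGER:
            continue  # default manager or another implementation
        for store in manager.findall("Store"):
            if store.get("className", "").strip() == FILE_STORE:
                directories.append(store.get("directory", "(default)"))
    return directories


if __name__ == "__main__":
    for name, text in (("inactive", SAMPLE_INACTIVE), ("active", SAMPLE_ACTIVE)):
        hits = find_filestore_managers(text)
        status = "FileStore in use: %s" % hits if hits else "no FileStore persistence"
        print("%s sample: %s" % (name, status))
```

An empty result for every context.xml and server.xml on the host means the FileStore precondition described above is not met.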

Issue/Introduction

Veritas Corporation is aware of the issue referred to in CVE-2020-9484, which impacts Apache Tomcat: if four specific circumstances are in place, an attacker may be able to control the contents and name of a file on the server.
