How to Secure Apache Tomcat server from CVE-2020-1938 GhostCat Vulnerability for TIBCO Managed File Transfer Internet Server/Command Center
Article ID: KB0075571
Products: TIBCO Managed File Transfer Internet Server
Versions: All
Description
A vulnerability in Apache Tomcat (CVE-2020-1938), named “GhostCat”, has been identified. It is a flaw in the Tomcat AJP protocol. For an attacker to exploit GhostCat, the AJP Connector must be activated and the attacker must have access to the AJP Connector service port.
Issue/Introduction
How to Secure Apache Tomcat server from CVE-2020-1938 GhostCat Vulnerability for TIBCO Managed File Transfer Internet Server/Command Center
Environment
All supported environments
Resolution
TIBCO Managed File Transfer Internet Server and Command Center do not need the Apache Tomcat AJP Connector. The AJP Connector can be disabled by doing the following:
- Back up file: <install>/server/conf/server.xml
- Edit file server.xml
- Delete or comment out the AJP Connector. The following are examples of the line that should be either deleted or commented out:
  Internet Server: <Connector port="7009" protocol="AJP/1.3" redirectPort="7443"/>
  Command Center: <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
- Restart TIBCO Managed File Transfer Internet Server and Command Center
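A check to run against server.xml after the edit, added here as an example and not part of TIBCO's tooling: it parses the file the way Tomcat does, so a commented-out connector is ignored and only AJP connectors that would still be loaded are reported. The function name and the sample configuration are assumptions made for illustration; pass the real path to server.xml as the first argument.

```python
import sys
import xml.etree.ElementTree as ET

# The Internet Server AJP connector line quoted in the article.
AJP_LINE = '<Connector port="7009" protocol="AJP/1.3" redirectPort="7443"/>'

# Constructed sample, not a real MFT server.xml: one HTTPS connector plus the
# AJP connector, still active.
SAMPLE_BEFORE = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="7443" protocol="HTTP/1.1" SSLEnabled="true" scheme="https"/>
    """ + AJP_LINE + """
  </Service>
</Server>"""

# The same constructed file after the AJP connector has been commented out.
SAMPLE_AFTER = SAMPLE_BEFORE.replace(AJP_LINE, "<!-- " + AJP_LINE + " -->")


def active_ajp_connectors(xml_data):
    """Return [(port, protocol)] for every AJP Connector that is still active.

    xml_data may be str or bytes. The XML parser discards comments, so a
    commented-out Connector is not reported.
    """
    root = ET.fromstring(xml_data)
    found = []
    for conn in root.iter("Connector"):
        # A Connector without a protocol attribute defaults to HTTP/1.1.
        protocol = conn.get("protocol", "HTTP/1.1")
        # Matches "AJP/1.3" and explicit class names such as
        # org.apache.coyote.ajp.AjpNioProtocol.
        if "ajp" in protocol.lower():
            found.append((conn.get("port", "?"), protocol))
    return found


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:  # bytes: honours the XML encoding
            data = fh.read()
    else:
        data = SAMPLE_BEFORE  # no path given: run on the constructed sample
    hits = active_ajp_connectors(data)
    for port, protocol in hits:
        print(f"ACTIVE AJP connector: port={port} protocol={protocol}")
    if not hits:
        print("No active AJP connector found")
    sys.exit(1 if hits else 0)
```

The exit status is non-zero while an AJP connector remains active, so the check can gate the restart step or run in a configuration audit.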