How to secure Apache TOMCAT server from vulnerability issue named as 'GhostCat' for Order Management

Products	Versions
TIBCO Order Management	5.0
TIBCO Order Management - Low Latency	5.0

Description

Under your TIBCO Order Management - Long Running 5.0.0 Home: 
Replace the older versions of the jars listed below with version 8.5.51 - Using the links to download.

/roles/aopd/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/8.5.51 
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/8.5.51
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51 

/roles/configurator/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/8.5.51 
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51 

/roles/ocs/standalone/lib  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/8.5.51 
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/8.5.51
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51 

/roles/omsServer/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/8.5.51 
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/8.5.51
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51


/roles/omsui/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/8.5.51 
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-jasper/8.5.51    
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/8.5.51  
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/8.5.51
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51 

/roles/userClient/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/8.5.51
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/8.5.51

Under your TIBCO Order Management - Low Latency 5.0.0 Home: 
Replace the older versions of the jars listed below with version 9.0.31 - Using the links to download.

/roles/aopd/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/9.0.31

/roles/authorization-service/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/9.0.31

/roles/catalog-services/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31

/roles/configuration-service/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/9.0.31

/roles/configurator/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-annotations-api/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31

/roles/dataservice/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31

/roles/orchestrator/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-jdbc/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-juli/9.0.31

/roles/tmf-om-adapter/standalone/lib
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-el/9.0.31
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-websocket/9.0.31

Issue/Introduction

How to secure Apache TOMCAT server from vulnerability issue named as 'GhostCat' for Order Management

Environment

All

Welcome to "KB Articles"

How to secure Apache TOMCAT server from vulnerability issue named as 'GhostCat' for Order Management

Article ID: KB0075660

Updated On:

Description

Issue/Introduction

Environment

Feedback