Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

TOMCAT mod_jk.so Vulnerability

TOMCAT mod_jk.so now exist in our WCS v4.1.83.0. The fix is in the 4.1.92.0. Is it necessary to de-install 4.1.83 before installing 4.1.92?

Is this upgrade really necessary?

1 REPLY
Silver

Re: TOMCAT mod_jk.so Vulnerability

Use this workaround.

Filters that deny HTTPS packets using TCP port 443 should be deployed throughout the network as part of a tACL policy for protection of traffic which enters the network at ingress access points. This policy should be configured to protect the network device where the filter is applied and other devices behind it. Filters for HTTPS packets using TCP port 443 should also be deployed in front of vulnerable network devices so that traffic is only allowed from trusted clients.

http://www.cisco.com/en/US/products/products_security_advisory09186a008093f040.shtml#@ID

182
Views
0
Helpful
1
Replies
CreatePlease to create content