VMware Cloud Community
Park3r
Contributor
Contributor

Tomcat upgrade

Hi,

our nessus scanner found the Tomcat version (6.0.20) which comes with vCenter 4.1 is vulnerable to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227

is there a way how to upgrade Tomcat to a newer version from apache.org?i suppose it's not as simple as downloading the installer from apache and run it, or is it?

thanks for your help

Tags (3)
Reply
0 Kudos
2 Replies
AndreTheGiant
Immortal
Immortal

Cause the tomcat is part of vCenter I suggest to keep as is and wait official update from VMware.

Otherwise the related webservices can stop to work.

Andre

Andrew | http://about.me/amauro | http://vinfrastructure.it/ | @Andrea_Mauro
Reply
0 Kudos
chadwickking
Expert
Expert

Or you can open an SR request with VMware and they can walk you through it.  The versions they use for alot of their products are not the latest and most secured but if it is a concern they can take you through it as they did me.  I documented it but because of my NDA it was left at my last job.

Smiley Happy

Regards,

Chad King

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
Reply
0 Kudos