<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>BRNWD Tracker</title>
    <link>https://communities.vmware.com/wbsdv95928/tracker</link>
    <description>BRNWD Tracker</description>
    <pubDate>Wed, 15 Nov 2023 13:38:35 GMT</pubDate>
    <dc:date>2023-11-15T13:38:35Z</dc:date>
    <item>
      <title>Re: Apache Tomcat 8.5.0 &lt; 8.5.63 Multiple Vulnerabilities - vSPhere Replication Latest Version -</title>
      <link>https://communities.vmware.com/t5/vSphere-Replication-Discussions/Apache-Tomcat-8-5-0-lt-8-5-63-Multiple-Vulnerabilities-vSPhere/m-p/2977201#M3706</link>
      <description>&lt;P&gt;I've stumbled across your question while seeking the same answer. I have found this:&lt;/P&gt;&lt;P&gt;&lt;A href="https://kb.vmware.com/s/article/2000954" target="_blank"&gt;https://kb.vmware.com/s/article/2000954&lt;/A&gt;&lt;/P&gt;&lt;P&gt;Which states: "&lt;SPAN&gt;The appropriate method for patching the included Apache Tomcat application is to apply the latest version/patch of vCenter Server. As new versions of vCenter Server are released, the included Apache Tomcat application may be upgraded to a newer version that would address the known vulnerabilities."&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Is that good enough for a POAM? I guess I'm going to find out.&amp;nbsp;&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Thu, 13 Jul 2023 16:00:19 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/vSphere-Replication-Discussions/Apache-Tomcat-8-5-0-lt-8-5-63-Multiple-Vulnerabilities-vSPhere/m-p/2977201#M3706</guid>
      <dc:creator>BRNWD</dc:creator>
      <dc:date>2023-07-13T16:00:19Z</dc:date>
    </item>
  </channel>
</rss>

