Is CABI 6.3 vulnerable to CVE-2017-12617?

Document ID : KB000095045
Last Modified Date : 08/05/2018
Show Technical Document Details
Question:
Is the current version of CABI 6.3 vulnerable to the CVE-2017-12617?
Environment:
Spectrum 10.2.x
CABI 6.3
Answer:
Yes, the current version of CABI 6.3 is vulnerable to CVE-2017-12617.  You will need to upgrade to CABI 6.4.2 which is available on the CA Spectrum Product page and contains Tomcat 8.5.23 with the vulnerability resolved.


 
Additional Information:
For additional information regarding the Jaspersoft upgrade please see

https://comm.support.ca.com/kb/cabi-jasper-6-4-2/kb000092749