cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Java Deserialization Remote Code Execution ob BOXI3.1SP7

Former Member

on ‎05-24-2016 4:03 PM

0 Kudos

I have this requirement to disable the Java Deserialization Remote code execution on one of our Tomcat Web App servers.

Can you please guide me how to execute/disable this on the Tomcat Web App server and then have to test Business objects Webi reports etc to make sure if this has any impact.

Thanks,

Shravan

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎05-25-2016 8:05 PM
0 Kudos

Hi Shravan,

As per the error message I guess its a security vulnerability in tomcat  Remote Code Execution CVE-2013-4444 is a bug in tomcat.

To fix this vulnerability you need to upgrade your minor version of tomcat to tomcat 7.0.40.

You could also refer to tomcat link below.

https://tomcat.apache.org.security-7.html

Thanks

Show replies
Show replies
Ask a Question