It mentions the vulnerability and the ITAM, and I have even tried out both suggested approaches, but once I have modified the Tomcat config file the application fails to run.
Hello Mariusz,

We have the below components using these Tomcat versions as part of CA Client Automation:
- Web Admin Console (WAC): 8.5.6
- Extended Network Connectivity (ENC): 8.5.6
- Content Import Client (CIC): 8.0.26
The following versions are impacted as per the information from this link (https://www.secpod.com/blog/ghostcat-vulnerability-cve-2020-1938/)
As per the above information, only the CIC component in CA Client Automation is impacted by this vulnerability, for which we are planning to upgrade the Tomcat version, but for now, as a workaround for remediation, you can comment out the below entry in server.xml (SC\CIC\Tomcat\conf\server.xml).
The AJP protocol related attribute is causing the vulnerability:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
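A check for the workaround described above, as an added example that is not part of the original thread or the vendor's tooling: it parses a server.xml, confirms the file is still well-formed after editing, and reports which AJP connectors remain active and which are commented out. The sample file content and all function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: one HTTP connector, one active AJP connector,
# and one AJP connector that is already commented out.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <!-- <Connector port="8010" protocol="AJP/1.3" redirectPort="8443" /> -->
  </Service>
</Server>
"""

def is_ajp(protocol):
    """True for "AJP/1.3" and for Tomcat's AJP handler class names."""
    p = (protocol or "").lower()
    return p.startswith("ajp/") or ".ajp." in p

def commented_ajp_ports(xml_text):
    """Ports of AJP connectors that appear inside XML comments."""
    ports = []
    for comment in re.findall(r"<!--(.*?)-->", xml_text, flags=re.DOTALL):
        for tag in re.findall(r"<Connector\b[^>]*>", comment):
            attrs = dict(re.findall(r'(\w+)\s*=\s*"([^"]*)"', tag))
            if is_ajp(attrs.get("protocol")):
                ports.append(attrs.get("port"))
    return ports

def audit(xml_text):
    """Report active and commented-out AJP connectors in a server.xml."""
    try:
        # ElementTree discards comments, so only live connectors are seen.
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A malformed edit (for example an unclosed comment) lands here.
        return {"well_formed": False, "error": str(exc)}
    active = [c.get("port") for c in root.iter("Connector")
              if is_ajp(c.get("protocol"))]
    return {"well_formed": True, "active": active,
            "commented": commented_ajp_ports(xml_text),
            "workaround_applied": not active}

if __name__ == "__main__":
    print(audit(SAMPLE_SERVER_XML))
```

To run it against a real installation, read the file's text and pass it to `audit()` instead of the sample string.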