Select to view content in your preferred language

CVE-2020-1938/Ghostcat and Esri Software

868
0
03-04-2020 06:12 AM
RandallWilliams
Esri Regular Contributor
1 0 868

A new Tomcat CVE (CVE-2020-1938) referred to as 'Ghostcat' has a lot of users asking how Esri software is affected.

Michael Young has written a blog describing how users may be impacted and offers guidance for customers who deploy the Java version of the ArcGIS Web Adaptor on Tomcat or use Apache httpd along with Tomcat in a reverse proxy solution.  

 

You'll find this blog titled "Don't get Bitten by GhostCat Tomcat Vulnerability"in the 'Alerts and Announcements' section on the front page of the ArcGIS Trust Center.