Fix vulnerability issue of Spring Framework RCE on Portal 22.1 installed on premise

Modified on Tue, 27 Sep, 2022 at 7:55 AM

This article guide how to avoid the vulnerability Issue CVE-2022-22965 . For version 22.1 it is done via updating the tomcat server. This alternative is described here. Guide is common for Portal installation on premise on Linux and Windows.



  1. Download apache-tomcat-9.0.62.zip from attachment .

  2. Stop the server

  3. Go to the installation directory and backup tomcat directory.

  4. Remove the old tomcat directory.

  5. Unpack apache-tomcat-9.0.62.zip to the Newired directory.

  6. Copy directories webapps and conf directories from backup. Please replace all files in conf directory.

  7. Start Portal server.


 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article