[OO Tip] Tomcat 220.127.116.11. CVE-2013-2071 vulnerability
Operations Orchestration (OO) 10.01 uses tomcat 18.104.22.168. A vulnerability came out May 9 2013. This link shows the details: http://tomcat.apache.org/security-7.html
Moderate: Information disclosure CVE-2013-2071
Bug 54178 described a scenario where elements of a previous request may be exposed to a current request. This was very difficult to exploit deliberately but likely to happen unexpectedly if an application used AsyncListeners that threw RuntimeExceptions.
This was fixed in tomcat 7.0.40
Tomcat is upgraded in OO 10.02 to 7.0.47. Upgrade to 10.02 will correct this issue and is recommended.
Direct link to the document here:
If you find that this or any post resolves your issue, please be sure to mark it as an accepted solution.