Question: Does CVE-2020-1938 affect Web Portal 2020r1?
Answer:
No, CVE-2020-1938 does not affect Web Portal. Though Web Portal makes uses of an affected version of Tomcat (9.0.29.0), Web Portal does not enable the AJP connector (\erwinMetadataManagement\tomcat\conf\server.xml) by default.
For more information on this vulnerability, please see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938 and reach out at https://support.erwin.com/hc/en-us if you have any questions.
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center