'Ghostcat' and tracked as CVE-2020-1938, the flaw could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file upload.
For more information on the vulnerability see: https://thehackernews.com/2020/02/ghostcat-new-high-risk-vulnerability.html
VisibleThread On-premise VMs
Note: Your VisibleThread on-premise installation is self-contained and running behind your corporate firewall, so there is very little actual risk of being impacted by this issue.
Note: VisibleThread Docs does NOT require the AJP connector. Disabling it will NOT affect VisibleThread Docs.
All VisibleThread Docs On-Premise customers should apply the following changes. We found that the AJP protocol is enabled by default. To shut the AJP connector down, which resolves the vulnerability, you just need to comment out the AJP connector in the server.xml file. Run the command below for your platform and then restart the service.
Ubuntu Deployments:
sed -i 's/<Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/>/<\!-- <Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/> -->/' /home/visiblethread/tomcat/conf/server.xml
Now restart the services
sudo service supervisor restart
The AJP Protocol is now disabled.
Red Hat Deployments:
sed -i 's/<Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/>/<\!-- <Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/> -->/' /opt/visiblethread/tomcat/conf/server.xml
Now restart the service
systemctl restart visiblethread-docs
The AJP Protocol is now disabled.
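As an added example that is not VisibleThread's own script, the shell helper below generalises the one-line sed above: it comments out any single-line AJP connector in a Tomcat server.xml regardless of attribute spacing, verifies that no uncommented AJP connector remains, and offers a post-restart check that nothing still listens on port 8009. The function names, the .bak suffix and the embedded sample server.xml are my own constructions.

```shell
#!/bin/sh
# Added example, not VisibleThread's own tooling: disable the Tomcat AJP
# connector (Ghostcat, CVE-2020-1938) in a server.xml and verify the result.
# Usage: sh disable_ajp.sh /home/visiblethread/tomcat/conf/server.xml
# With no argument it runs against a constructed sample server.xml instead.

# Write a constructed server.xml fragment (sample data, not a real file) to FILE.
write_sample_server_xml() {
    cat > "$1" <<'EOF'
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
EOF
}

# Exit 0 (and print the lines) if FILE still has an AJP connector that is not
# inside an XML comment, exit 1 otherwise. Only single-line elements are handled.
ajp_active() {
    sed -e 's/<!--.*-->//' "$1" | grep -E '<Connector[^>]*protocol="AJP/1\.3"'
}

# Wrap every uncommented single-line AJP connector in FILE in an XML comment.
# Unlike a fixed-string match this tolerates other attribute spacing or order,
# and it is idempotent: a line that already starts with <!-- no longer matches.
disable_ajp() {
    file="$1"
    cp -p "$file" "$file.bak"   # keep a copy to roll back if Tomcat fails to start
    sed -E 's#^([[:space:]]*)(<Connector[^>]*protocol="AJP/1\.3"[^>]*/>)#\1<!-- \2 -->#' \
        "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# After the service restart: exit 0 if something still listens on AJP port 8009.
# Returns 2 when ss is unavailable so callers can tell "unknown" from "closed".
ajp_port_listening() {
    command -v ss >/dev/null 2>&1 || return 2
    ss -ltn 2>/dev/null | grep -q ':8009[[:space:]]'
}

target="${1:-}"
if [ -z "$target" ]; then
    target=$(mktemp) && write_sample_server_xml "$target"
fi
disable_ajp "$target"
if ajp_active "$target" >/dev/null; then
    echo "AJP connector still active in $target" >&2
    exit 1
fi
echo "AJP connector commented out in $target (backup: $target.bak); restart the service now."
```

Run it against the real server.xml path for your platform before the service restart, then call ajp_port_listening after the restart to confirm port 8009 is closed.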