VisibleThread Help Center

Security Announcement - Ghostcat vulnerability (CVE-2020-1938)

Dubbed 'Ghostcat' and tracked as CVE-2020-1938, the flaw in the Apache Tomcat AJP connector could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file upload.

For more information on the vulnerability see: https://thehackernews.com/2020/02/ghostcat-new-high-risk-vulnerability.html

VisibleThread On-premise VMs

Note: Your VisibleThread on-premise installation is self-contained and runs behind your corporate firewall, so there is very little actual risk of being impacted by this issue.

Note: VisibleThread Docs does NOT require the AJP connector. Disabling it will NOT affect VisibleThread Docs.

All VisibleThread Docs On-Premise customers should apply the following change. We found that the AJP protocol is enabled by default in the bundled Tomcat. To shut the AJP connector down, and thereby close the vulnerability, comment out the AJP connector in the server.xml file: run the command for your platform below, then restart the service. The command matches the stock Connector line exactly, so if it leaves the file unchanged (for example, because that line already differs in your server.xml), comment the connector out by hand before restarting.

Ubuntu Deployments:

sed -i 's/<Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/>/<!-- <Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/> -->/' /home/visiblethread/tomcat/conf/server.xml

Now restart the services

sudo service supervisor restart

The AJP Protocol is now disabled.


Red Hat Deployments:

sed -i 's/<Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/>/<!-- <Connector port="8009" protocol="AJP\/1.3" redirectPort="8443" \/> -->/' /opt/visiblethread/tomcat/conf/server.xml

Now restart the service

systemctl restart visiblethread-docs

The AJP Protocol is now disabled.
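The two sed commands above replace one exact line, so a server.xml whose Connector element differs (other attributes, other whitespace) is left untouched without any message, and the service is then restarted with AJP still listening. The following shell script is an added example, not VisibleThread's own tooling: it counts AJP connector lines that are still live, comments out a single-line connector regardless of attribute order, and verifies that none remain before you restart. The file path is a parameter; the page's locations are /home/visiblethread/tomcat/conf/server.xml (Ubuntu) and /opt/visiblethread/tomcat/conf/server.xml (Red Hat). It assumes GNU sed and a connector that sits on one line, as in the stock server.xml the page's command targets; the demo at the end runs on a constructed fragment in a temp file, not on a deployment file.

```shell
#!/bin/sh
# Added example, not VisibleThread's own tooling: check-then-edit version of the
# page's fix for CVE-2020-1938. Comments out a single-line Tomcat AJP connector
# in a server.xml and verifies that no live AJP connector remains.
# Assumptions: GNU sed (Ubuntu/RHEL), and the connector occupies one line, as in
# the stock server.xml the page's command targets. The file path is a parameter;
# the page's paths are /home/visiblethread/tomcat/conf/server.xml (Ubuntu) and
# /opt/visiblethread/tomcat/conf/server.xml (Red Hat).

# Print how many AJP connector lines are still live, i.e. not wrapped in an XML
# comment on that same line. Always prints a number so callers can compare it.
live_ajp_connectors() {
    grep 'protocol="AJP/1.3"' "$1" | grep -vc '<!--' || true
}

# Wrap a live single-line AJP connector in an XML comment, keeping a backup.
# The match is anchored at line start, so an already commented connector is not
# matched again, and the order of attributes inside the element does not matter.
disable_ajp() {
    cp "$1" "$1.bak"
    sed -i 's|^\([[:space:]]*\)\(<Connector [^>]*protocol="AJP/1.3"[^>]*/>\)|\1<!-- \2 -->|' "$1"
}

# Succeed (exit 0) only when no live AJP connector remains; run this before the
# service restart so a non-matching Connector line does not go unnoticed.
verify_ajp_disabled() {
    [ "$(live_ajp_connectors "$1")" -eq 0 ]
}

# Demonstration on a constructed server.xml fragment written to a temp file
# (not a real deployment file). Prints the before/after counts.
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
EOF
    before=$(live_ajp_connectors "$tmp")
    disable_ajp "$tmp"
    after=$(live_ajp_connectors "$tmp")
    echo "live AJP connectors before: $before, after: $after"
    verify_ajp_disabled "$tmp"
    rc=$?
    rm -f "$tmp" "$tmp.bak"
    return $rc
}

demo
```

To use it on a real installation, source the script and run `disable_ajp /path/to/server.xml` followed by `verify_ajp_disabled /path/to/server.xml`, then restart the service as the page describes; a non-zero exit from the verify step means the connector is still active and must be commented out by hand. The backup written next to server.xml lets you restore the original if the edit is not what you expected.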
