Article - CS322941
Disable the default Apache Tomcat AJP port (8009) per CVE-2020-1938 for existing installastions of ThingWorx Platform
Modified: 02-Apr-2020
Applies To
- ThingWorx Platform 8.1 to 8.5
- Apache Tomcat
Description
- Per IT or Security Team Tomcat has port 8009 open
- Need to disable the AJP Port on Tomcat to prevent expose to CVE-2020-1938
- CVE-2020-1938 mentions that Apache Tomcat default service running on 8009 should be disabled
- Mitigating Ghostcat vulnerability in an existing ThingWorx Platform installation
This is a printer-friendly version of Article 322941 and may be out of date. For the latest version click CS322941