We are using the SAP BusinessObjects Business Intelligence client version 4.1 application whose main purpose is to provide reports for BMC Truesight Tool users. However, there is a vulnerability detected for the Apache Tomcat component of this application by the Qualys Scanning Tool.
Vulnerability details below.
CVE ID: CVE-2020-13935
Vulnerability name: Apache Tomcat WebSocket Denial of Service Vulnerability
Port on which vulnerability is detected: 8080
Server OS: Windows Server 2012 R2 Datacenter 64 bit Edition
I generally understand from few blogs, this vulnerability can be remediated by upgrading the Tomcat to a non-vulnerable version. However, it would be good if the SAP community help me to remediate this vulnerability with detailed steps.
Thanks and Regards,