The tomcat that gets comes bundled with CA BOXI 4.1 SP5 is 7.0.55. We have implemented it in the production environment. The vulnerability scan of the server is showing the following vulnerability:
CVE-2015-5351 Apache Tomcat XSRF Token Disclosure
Its solution is to upgrade the tomcat version to 7.0.68.
Is it possible to upgrade the tomcat version of BOXI SP5 patch?
If yes, kindly provide the steps for doing that.
Thanks & Regards,
Balram Singh Deswal