Is Process Director Web Application impacted by the CVE-2019-0232, CVE-2019-0199 and CVE-2019-0221 vulnerabilities?
Article # 3047364 - Page views: 63
Issue
Is Process Director Web Application impacted by the following vulnerabilities found in TOMCAT and IIS?
- CVE-2019-0232
- CVE-2019-0199
- CVE-2019-0221
These vulnerabilities are related to the HTTP OPTIONS method for Apache, the web browser and IIS.
The auditory results propose a solution:
• Disable HTTP OPTIONS method, Disable HTTP OPTIONS method on your web server.
• Apache HTTPD, Disable HTTP OPTIONS Method for Apache
• Microsoft IIS, Disable HTTP OPTIONS Method for IIS
Solution
Process Director Web Application does not use the HTTP OPTIONS method. So It should be not affected.
Anyway, we recommend to install always the latest patch level.
Level of Complexity
Moderate
Applies to
| Product | Version | Build | Environment | Hardware |
|---|---|---|---|---|
| PD WEB APPLICATION | 7.8 | PL3 |
References
Article # 3047364