Overview

Jive can be protected from the vulnerabilities CVE-2018-8034 and CVE-2018-1336 if Apache Tomcat is upgraded to a higher version. This article provides information on this matter, and details which version of Apache Tomcat protects Jive from these vulnerabilities.

Environment

• Jive Interactive Intranet-Core
• Jive Hosted
  
  

Resolution

As per defect ID JVHOPST-3163, the Apache Tomcat version is upgraded to 9.0.13 in Jive v9.0.7, thus, fixing the specified vulnerabilities.