CVE-2025-31651 Apache Tomcat - Rewrite rule bypass Vulnerabilities

book

Article ID: 100074293

calendar_today

Updated On:

Description

Impact of Vulnerability on Apache Tomcat - Rewrite rule bypass

Arctera is aware of the recently announced vulnerability in the Apache Tomcat - Rewrite rule bypass please see the following link for more details.

(https://nvd.nist.gov/vuln/detail/CVE-2025-31651).

Arctera EDiscovery Platform Security and Development teams are actively reviewing our software to determine to fix the vulnerability in any of our products.

About Remediation

This vulnerability is remediated by upgrading to eDP 10.3.3 which contains Apache Tomcat 9.0.105.

NOTE: Upgrading the Apache TomCat Server independently of the eDiscovery Platform installer is not recommended nor supported.

Environment

THE SECURITY ADVISORY IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

Issue/Introduction

Arctera is aware of the recently announced vulnerability in the Apache Tomcat - Rewrite rule bypass please see the following link for more details. (https://nvd.nist.gov/vuln/detail/CVE-2025-31651). Arctera EDiscovery Platform Security and Development teams are actively reviewing our software to determine to fix the vulnerability in any of our products.

Additional Information

JIRA: ESA-65357 JIRA: CFT-7222

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"