Highlighted

Does ColdFusion requires Apache Tomcat?

Engaged ,
Jun 06, 2017

Copy link to clipboard

Copied

I don't remember installing Apache Tomcat for coldFusion. Is Apache Tomcat service require for ColdFusion to function? We are currently running IIS as our web server.

TOPICS
Connector

Views

1.6K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Does ColdFusion requires Apache Tomcat?

Engaged ,
Jun 06, 2017

Copy link to clipboard

Copied

I don't remember installing Apache Tomcat for coldFusion. Is Apache Tomcat service require for ColdFusion to function? We are currently running IIS as our web server.

TOPICS
Connector

Views

1.6K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 06, 2017 0
Adobe Employee ,
Jun 06, 2017

Copy link to clipboard

Copied

Hi,

You don't need Apache Tomcat installed on your machine to run ColdFusion. ColdFusion is using Tomcat as an underlying architecture. If you are using IIS, just install ColdFusion and create a connector.

Thanks,

Priyank

Thanks,
Priyank Shrivastava

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 06, 2017 0
Engaged ,
Jun 06, 2017

Copy link to clipboard

Copied

ColdFusion is using Tomcat as an underlying architecture but it's not using Apache Tomcat? What I'm trying to get here is that if it's ColdFusion that's requiring apache tomcat, then we need to upgrade/patch tomcact since we've found a vulnerability when we scaned the machine; however, I couldn't verify that we are actually running apache tomcat on our server.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 06, 2017 0
Adobe Employee ,
Jun 06, 2017

Copy link to clipboard

Copied

Hi,


Please tell us the ColdFusion version which you are running and also tell us the vulnerability. You cannot upgrade the internal Tomcat by your own.

In case, you have a J2EE deployment over Tomcat, then you can certainly upgrade the Tomcat version.

Thanks,

Priyank

Thanks,
Priyank Shrivastava

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 06, 2017 0
Engaged ,
Jun 06, 2017

Copy link to clipboard

Copied

The scanned show: Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)

No details on the vulnerabilities.

Running ColdFusion version: 10,292620

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 06, 2017 0
Adobe Employee ,
Jun 06, 2017

Copy link to clipboard

Copied

You can update ColdFusion to the latest update. Make sure, you are not using JDK1.6 and most important, you have to disable the SSLv3. You can find an article which will tell you how to disable it.

Thanks,

Priyank

Thanks,
Priyank Shrivastava

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 06, 2017 0