Stream: community

Topic: Tomcat AJP RCE Vulnerability (Ghostcat)


Adília Isabel Domingues da Cruz Alves (Nov 20 2023 at 11:20):

Hello, I have a security problem with my Dataverse server. Dataverse requires port 8009 to be open, doesn't it?
My institution's Security Service is warning me that the server is reporting the following security problem: 'NVT: Apache Tomcat AJP RCE Vulnerability (Ghostcat) (High (CVSS: 9.8))'. Often, this problem occurs because of port 8009 being opened and associated with Tomcat. We do not have Tomcat running on the server. How can I solve this problem? Thank you in advance.

Philip Durbin 🚀 (Nov 20 2023 at 13:27):

@Adília Isabel Domingues da Cruz Alves hi! Can you please email security@dataverse.org so we can start tracking this?

Adília Isabel Domingues da Cruz Alves (Nov 20 2023 at 14:08):

Philip Durbin said:

Adília Isabel Domingues da Cruz Alves hi! Can you please email security@dataverse.org so we can start tracking this?

Hello Philip. Yes, of course I can. Thank you.

Philip Durbin 🚀 (Nov 20 2023 at 14:41):

Thanks! We are now tracking it at https://help.hmdc.harvard.edu/Ticket/Display.html?id=352512

Adília Isabel Domingues da Cruz Alves (Nov 21 2023 at 10:42):

Philip Durbin said:

Thanks! We are now tracking it at https://help.hmdc.harvard.edu/Ticket/Display.html?id=352512

Good morning. I have more security doubts. Can I continue to email security@dataverse.org with these doubts?

Philip Durbin 🚀 (Nov 21 2023 at 12:20):

@Adília Isabel Domingues da Cruz Alves yes, please!


Last updated: Nov 01 2025 at 14:11 UTC