When dealing with vulnerabilities, you need to confirm whether the relevant components of the CAS product are involved. You can use the following commands to check.
1. View the version of apache tomcat
The Ubuntu OS wus used before CAS7.0. You can use the following command to view the version information.
# dpkg -l | grep tomcat
root@cvknode06:/var/lib/tomcat8# dpkg -l | grep tomcat
ii libtomcat8-java 8.0.32-1ubuntu1 Apache Tomcat 8 - Servlet and JSP engine -- core libraries
ii tomcat8 8.0.32-1ubuntu1 Apache Tomcat 8 - Servlet and JSP engine
ii tomcat8-common 8.0.32-1ubuntu1 Apache Tomcat 8 - Servlet and JSP engine -- common files
CAS7.0 began to be divided into Centos and Ubuntu , the latter can still be viewed using the above command. For the centos system, because it is not the tomcat installed by rpm, it cannot be viewed with the rpm -q tomcat command. We can use the ./catalina.sh version command to view under the path: /var/lib/tomcat8/bin.
2. View the version of openssh/open ssl
Use the command ssh -V to view the version
3. View the version of mysql/mariadb
The commands are different in different OS
Ubuntu: dpkg -l | grep mysql
Centos: rpm -qa | grep mariadb