Manually Patching Apache Tomcat vulnerability in Viakoo Agents (CVE-2020-1938)

The Apache Tomcat server that is part of the Agent Installer packages prior to agent level 5557 have a known vulnerability (CVE-2020-1938). 

This problem has been fixed with agents installed with version 5557 or higher. The problem needs to be fixed for each ViakooCA and ViakooRA installation.

For users who installed with earlier agents, you can manually patch your existing configuration by performing the following steps:


For RA, go to:

C:\Program Files\Viakoo\Video Network Navigator RA\apache-tomcat-7.0.65\conf

For CA, go to

C:\Program Files\Viakoo\Video Network Navigator CA\apache-tomcat-7.0.65\conf


Edit server.xml with notepad (or other text editor) and look for the following row:


Disable this exposure by deleting these two lines. Now save the file and restart the associated ViakooCA or ViakooRA service.


If you need assistance performing this step, contact TeamViakoo at


Have more questions? Submit a request