Thanks for the quick response.
Thanks for providing that info Anit! I have downgraded this from Important to Warning on the HackMyCF scanner. I still keep it as Warning because I think it is important to know incase your CFML code makes use of the vulnerable classes.
I still hope Adobe plans to upgrade to Tomcat 7.0.70+ in CF10/11, and 8.0.36+ in CF2016 in the next update. It is important for many organizations.
That will definitely happen Pete.