Spring beans vulnerability CAS Server 6.3.7.4

[Morning Star]

Hi all,

We are using CAS server version as 6.3.7.4.

Our team reported the presence of Spring beans 5.2.12.RELEASE.jar inside cas.war file in below location

cas.war/WEB-INF/lib/cas-server-webapp-tomcat-6.3.7.4.war/WEB-INF/lib

We can't exclude cas-server-webapp-tomcat-6.3.7.4.war as this has strong dependency. 

Do we have any way to exclude spring beans jar from cas-server-webapp-tomcat-6.3.7.4.war under /WEB-INF/lib location?

Any help or advise is highly appreciated.

Regards,

Morning Star.