Configuration data is sent network device in clear text on port 8080
book
Article ID: 113334
calendar_today
Updated On:
Products
CA Spectrum
Issue/Introduction
We have implemented SSL for CA Spectrum Oneclick console. During a security scan in the data is shown in cleartext and communication is happening with port 8080.
Environment
Release: Component: SPCCSS
Cause
Port 8080 is not a secure port.
Resolution
The connector must be commented out in the server.xml file and tomcat restarted.
1. Navigate to $SPECROOT/tomcat/conf 2. Open server.xml file in text editor of choice. 3. Find this line (or similar):