The customer requires to mitigate a medium vulnerability on the used Tomcat.  It was updated to version 9.0.72.

When an non existant resource is consumed the error page return the Tomcat version.

How can we stop tomcat from providing the actual version?

Release : 14.5 all

1. Go to DM Server and navigate to the Program Files (x86)\CA\SC\tomcat\8.5.56\lib directory.
2. Create the following path under the lib subdirectory - org\apache\catalina\util (Example: C:\Program Files (x86)\CA\SC\tomcat\8.5.56\lib\org\apache\catalina\util)
3. Create a  file with the name 'ServerInfo.properties' in the util folder.
4. Edit the file and type the message you want to appear. For example: server.info=Apache Tomcat
5. Save changes
6. Restart the Client Automation services.
7. Delete web browser cache.

Now when an Apache Tomcat page is viewed, the version information is replaced with the text entered in the ServerInfo.properties file created above.

How to Hide Apache Tomcat Version Number from Error Pages