tomcat url vulnerabilities
search cancel

tomcat url vulnerabilities

book

Article ID: 282025

calendar_today

Updated On:

Products

CA Client Automation - IT Client Manager CA Client Automation

Issue/Introduction

Following url vulnerabilities have been detected on Domain Manager
 
http://DOMAINNAME:8080/examples/servlets/index.html
http://DOMAINNAME:8080/docs/
http://DOMAINNAME:8080/examples/jsp/index.html
 
How to resolve the vulnerabilities ?

Environment

Client Automation - All Versions.

Resolution

These urls are default tomcat directories.

The default tomcat directories examples and docs could be deleted on Domain Manager. They are not used by Client Automation

Example :

Following directories could be deleted :

C:\Program Files (x86)\CA\SC\CIC\Tomcat\webapps\examples
C:\Program Files (x86)\CA\SC\CIC\Tomcat\webapps\docs
C:\Program Files (x86)\CA\SC\Tomcat\8.5.56\webapps\docs

Powered by Wolken Software