The vulnerability scan detect a vulnerability with/wcc/tomcat/webapps/asi/WEB-INF/web.xmlweb.xml in Agent Inventory module of Web UI. The scan states that readonly being set to false poses a vulnerability. Vulnerability scan reports this vulnerability. It creates a false alert.

WebUI 12.1 or higher

ReadOnly set to false in web.xml file. This readonly parameter is not used. 

CIRCUMVENTION: To resolve this issue, readOnly parameter can be set to true or readOnly parameter can be completely removed as it is not used.