A security scan of CA Output Management Web Viewer 12.1 running with Tomcat 7.0.54 is showing several vulnerabilities in Tomcat.
Vulnerabilities have been discovered in Tomcat 7.0.54 that were not previously known.
Upgrade to Apache Tomcat 8.5.4 using RO91790 UPDATE APACHE TOMCAT TO 8.5.4. If you are not using the Tomcat originally supplied with Web Viewer, do not use this solution, but download your upgrade from the place you originally downloaded Apache Tomcat.
Plus it may be necessary to remove the Tomcat "docs" and "examples" applications. Here is the recommended method:
For additional information about downloading and applying RO91790 UPDATE APACHE TOMCAT TO 8.5.4, see TEC1392596 An update to Apache Tomcat 8.5.4 For CA Output Management Web Viewer 12.1 is Available