Potential security concerns relating to Tomcat configuration files in Critical System Protection