Document ID: TEC605960
Spec KB: JSPs and Servlets vulnerability in Cabi 3.3
Description:
When performing security assessment using a tool named Nessus, the following vulnerability files are found under Apache tomcat directory.
Vulnerability:
Example JSPs and Servlets are installed in the remote Apache Tomcat> servlet/JSP directories
Recommendation:
Review the files and delete those that are not needed.
/examples/servlets/index.html
/examples/jsp/snp/snoop.jsp
/examples/jsp/index.html
Path of the files:
/opt/CA/SharedComponents/CommonReporting3/bobje/enterprise120/warfiles/WebApps/examples/jsp/snp/snoop.jsp /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/snp/snoop.jsp /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/jsp/index.html /opt/CA/SharedComponents/CommonReporting3/bobje/tomcat/webapps/examples/servlets/index.html
Please select the following link for more information on this subject:
Knowledge Document Link:
https://comm.support.ca.com/?legacyid=TEC605960