Detections
Analytics

CIS Apache Tomcat 7 L1 v1.1.0 Middleware

Audit Details

Name: CIS Apache Tomcat 7 L1 v1.1.0 Middleware

Updated: 3/6/2024

Authority: CIS

Plugin: Unix

Revision: 1.9

Estimated Item Count: 52

File Details

Filename: CIS_Apache_Tomcat_7_L1_v1.1.0_Middleware.audit

Size: 96.2 kB

MD5: 4f4701520629224ab3922165af8ffd7c
SHA256: c68f0ae553b8452b7d9246550f2b1d5c1c3c9bd7f01a634ab53ccf112ec268c8

Audit Changelog

 
Revision 1.9

Mar 6, 2024

Functional Update
  • 10.19 Setting Security Lifecycle Listener (check for umask present in startup)
  • 10.19 Setting Security Lifecycle Listener (check for umask uncommented in startup)
  • 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
  • 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
  • 10.6 Enable strict servlet Compliance
  • 10.7 Turn off session facade recycling
  • 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists in web application)
  • 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists inin default)
  • 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in default)
  • 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in web application)
  • 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default)
  • 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in web application)
  • 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default)
  • 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application)
  • 7.4 Ensure directory in context.xml is a secure location - configuration
  • 7.5 Ensure pattern in context.xml is correct
  • 7.6 Ensure directory in logging.properties is a secure location (check log directory location)
  • 7.6 Ensure directory in logging.properties is a secure location (check prefix application name)
  • 8.1 Restrict runtime access to sensitive packages
Informational Update
  • 7.6 Ensure directory in logging.properties is a secure location (check prefix application name)
Miscellaneous
  • Metadata updated.
  • References updated.
  • Variables updated.
Revision 1.8

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.7

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.5

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.4

Apr 25, 2022

Miscellaneous
  • Metadata updated.
Revision 1.3

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.1

Feb 1, 2021

Miscellaneous
  • Metadata updated.
  • References updated.