Detections
Analytics

CIS Apache Tomcat 8 L1 v1.1.0 Middleware

Audit Details

Name: CIS Apache Tomcat 8 L1 v1.1.0 Middleware

Updated: 3/6/2024

Authority: CIS

Plugin: Unix

Revision: 1.9

Estimated Item Count: 54

File Details

Filename: CIS_Apache_Tomcat_8_L1_v1.1.0_Middleware.audit

Size: 112 kB

MD5: cea7849be6301b53d5675aca9ea5892b
SHA256: 7b4b73978bc41969e83b461460984aa106328214fead46ad178c1124a59960a2

Audit Changelog

 
Revision 1.9

Mar 6, 2024

Functional Update
  • 10.18 Setting Security Lifecycle Listener - check for umask present in startup
  • 10.18 Setting Security Lifecycle Listener - check for umask uncommented in startup
  • 10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
  • 10.19 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
  • 10.6 Enable strict servlet Compliance
  • 10.7 Turn off session facade recycling
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application
  • 7.4 Ensure directory in context.xml is a secure location - configuration
  • 7.5 Ensure pattern in context.xml is correct
  • 7.6 Ensure directory in logging.properties is a secure location - check log directory location
  • 7.6 Ensure directory in logging.properties is a secure location - check prefix application name
  • 8.1 Restrict runtime access to sensitive packages
Miscellaneous
  • Metadata updated.
  • References updated.
  • Variables updated.
Revision 1.8

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.7

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.5

Dec 7, 2022

Miscellaneous
  • Metadata updated.
Revision 1.4

Apr 25, 2022

Miscellaneous
  • Metadata updated.
Revision 1.3

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.1

Feb 1, 2021

Miscellaneous
  • Metadata updated.
  • References updated.