CIS Apache Tomcat 9 L1 v1.2.0 Middleware

Audit Details

Name: CIS Apache Tomcat 9 L1 v1.2.0 Middleware

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.4

Estimated Item Count: 53

File Details

Filename: CIS_Apache_Tomcat_9_L1_v1.2.0_Middleware.audit

Size: 133 kB

MD5: 8a48c6030a69e76c9e32966f835f81f0
SHA256: 9cc0c6966d25ecea3cad15d5fc59ce9458cf433e6d4fca58a7fc4282f6bbf3fb

Audit Changelog

 
Revision 1.4

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.3

Mar 6, 2024

Functional Update
  • 10.17 Setting Security Lifecycle Listener - check for umask present in startup
  • 10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup
  • 10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
  • 10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
  • 10.7 Turn off session facade recycling
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application
  • 7.6 Ensure directory in logging.properties is a secure location - check log directory location
  • 7.6 Ensure directory in logging.properties is a secure location - check prefix application name
Informational Update
  • 10.2 Restrict access to the web administration application
Miscellaneous
  • Metadata updated.
  • References updated.
  • Variables updated.
Revision 1.2

Apr 12, 2023

Functional Update
  • 10.7 Turn off session facade recycling
Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.1

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.