Item Search

Name	Audit Name	Plugin	Category
2.1 Alter the Advertised server.info String	CIS Apache Tomcat 8 L2 v1.1.0 Middleware	Unix	CONFIGURATION MANAGEMENT
2.1 Alter the Advertised server.info String	CIS Apache Tomcat 8 L2 v1.1.0	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 10 L2 v1.1.0	Unix	SYSTEM AND INFORMATION INTEGRITY
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 8 L2 v1.1.0 Middleware	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 9 L2 v1.2.0	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 10.1 v1.1.0 L2	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 9 L2 v1.2.0 Middleware	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 11 v1.0.0 L2	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 10 L2 v1.1.0 Middleware	Unix	SYSTEM AND INFORMATION INTEGRITY
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 8 L2 v1.1.0	Unix	CONFIGURATION MANAGEMENT
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 7 L2 v1.1.0	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors	CIS Apache Tomcat 7 L2 v1.1.0 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
DISA_IIS_8.5_Web_Server_v2r7.audit from DISA Microsoft IIS 8.5 Server v2r7 STIG	DISA IIS 8.5 Server v2r7	Windows
DISA_STIG_Apache_Server-2.4_Unix_v3r1_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r1 STIG	DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware	Unix
DISA_STIG_Apache_Server-2.4_Unix_v3r1.audit from DISA Apache Server 2.4 UNIX Server v3r1 STIG	DISA STIG Apache Server 2.4 Unix Server v3r1	Unix
DISA_STIG_Apache_Server-2.4_Windows_v2r3.audit from DISA Apache Server 2.4 Windows Server v2r3 STIG	DISA STIG Apache Server 2.4 Windows Server v2r3	Windows
DISA_STIG_Apache_Server-2.4_Windows_v3r1.audit from DISA Apache Server 2.4 Windows Server v3r1 STIG	DISA STIG Apache Server 2.4 Windows Server v3r1	Windows
DISA_STIG_Apache_Site-2.4_Unix_v2r4_Middleware.audit from DISA Apache Server 2.4 UNIX Site v2r4 STIG	DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware	Unix
DISA_STIG_Apache_Tomcat_Application_Server_9_v3r1_Middleware.audit from DISA Apache Tomcat Application Server 9 v3r1 STIG	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix
DISA_STIG_Microsoft_Windows_2012_Server_DNS_v2r7.audit from DISA Microsoft Windows 2012 Server Domain Name System v2r7 STIG	DISA Microsoft Windows 2012 Server DNS STIG v2r7	Windows
DISA_STIG_Oracle_Linux_6_v2r7.audit from DISA Oracle Linux 6 v2r7 STIG	DISA STIG Oracle Linux 6 v2r7	Unix
TCAT-AS-000010 - The number of allowed simultaneous sessions to the manager application must be limited.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-000020 - Secured connectors must be configured to use strong encryption ciphers.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-000090 - DefaultServlet must be set to readonly for PUT and DELETE.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-000110 - The Java Security Manager must be enabled.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-000170 - Tomcat servers behind a proxy or load balancer must log client IP.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	AUDIT AND ACCOUNTABILITY
TCAT-AS-000240 - Date and time of events must be logged.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	AUDIT AND ACCOUNTABILITY
TCAT-AS-000371 - $CATALINA_BASE/conf folder permissions must be set to 750.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT
TCAT-AS-000470 - Stack tracing must be disabled.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000490 - The shutdown port must be disabled.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000500 - Unapproved connectors must be disabled.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000550 - xpoweredBy attribute must be disabled.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000580 - Documentation must be removed.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000590 - Applications in privileged mode must be approved by the ISSO.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-000600 - Tomcat management applications must use LDAP realm authentication.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
TCAT-AS-000630 - TLS must be enabled on JMX.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
TCAT-AS-000700 - DOD root CA certificates must be installed in Tomcat trust store.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
TCAT-AS-000750 - Tomcat must use FIPS-validated ciphers on secured connectors.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION
TCAT-AS-000790 - Access to Tomcat manager application must be restricted.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
TCAT-AS-000860 - Clusters must operate on a trusted network.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION
TCAT-AS-000970 - Idle timeout for the management application must be set to 10 minutes.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-001040 - LockOutRealms lockOutTime attribute must be set to 600 seconds (10 minutes) for admin users.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-001060 - Tomcat user account must be a non-privileged user.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-001080 - Application user name must be logged.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	ACCESS CONTROL
TCAT-AS-001200 - $CATALINA_HOME folder must be owned by the root user, group tomcat.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-001260 - $CATALINA_BASE/temp/ folder must be owned by tomcat user, group tomcat.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-001280 - $CATALINA_BASE/work/ folder must be owned by tomcat user, group tomcat.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT
TCAT-AS-001320 - Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	IDENTIFICATION AND AUTHENTICATION
TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY
TCAT-AS-001700 - Tomcat users in a management role must be approved by the ISSO.	DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search