Detections
Analytics

Item Search

NameAudit NamePluginCategory
2.1 Alter the Advertised server.info StringCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.1 Alter the Advertised server.info StringCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 8 L2 v1.1.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 10 L2 v1.1.0 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 8 L2 v1.1.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 11 v1.0.0 L2Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 10.1 v1.1.0 L2Unix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 9 L2 v1.2.0 MiddlewareUnix

CONFIGURATION MANAGEMENT

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 10 L2 v1.1.0Unix

SYSTEM AND INFORMATION INTEGRITY

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 7 L2 v1.1.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all ConnectorsCIS Apache Tomcat 7 L2 v1.1.0 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

DISA_IIS_8.5_Web_Server_v2r7.audit from DISA Microsoft IIS 8.5 Server v2r7 STIGDISA IIS 8.5 Server v2r7Windows
DISA_Microsoft_DotNet_Framework_4.0_STIG_v2r7.audit from DISA Microsoft DotNet Framework 4.0 STIG v2r7DISA Microsoft DotNet Framework 4.0 STIG v2r7Windows
DISA_STIG_Apache_Server-2.4_Unix_v3r2_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r2 STIGDISA STIG Apache Server 2.4 Unix Server v3r2 MiddlewareUnix
DISA_STIG_Apache_Tomcat_Application_Server_9_v3r3_Middleware.audit from DISA Apache Tomcat Application Server 9 v3r3 STIGDISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix
DISA_STIG_Canonical_Ubuntu_22.04_LTS_v2r7.audit from DISA Canonical Ubuntu 22.04 LTS STIG v2r7DISA Canonical Ubuntu 22.04 LTS STIG v2r7Unix
DISA_STIG_Microsoft_Windows_11_v2r7.audit from DISA Microsoft Windows 11 STIG v2r7DISA Microsoft Windows 11 STIG v2r7Windows
DISA_STIG_Microsoft_Windows_2012_Server_DNS_v2r7.audit from DISA Microsoft Windows 2012 Server Domain Name System v2r7 STIGDISA Microsoft Windows 2012 Server Domain Name System STIG v2r7Windows
DISA_STIG_Oracle_Linux_6_v2r7.audit from DISA Oracle Linux 6 v2r7 STIGDISA STIG Oracle Linux 6 v2r7Unix
DISA_STIG_Oracle_Linux_8_v2r7.audit from DISA Oracle Linux 8 STIG v2r7DISA Oracle Linux 8 STIG v2r7Unix
DISA_STIG_Red_Hat_Enterprise_Linux_8_v2r7.audit from DISA Red Hat Enterprise Linux 8 STIG v2r7DISA Red Hat Enterprise Linux 8 STIG v2r7Unix
TCAT-AS-000010 - The number of allowed simultaneous sessions to the manager application must be limited.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-000030 - HTTP Strict Transport Security (HSTS) must be enabled.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-000050 - AccessLogValve must be configured for each application context.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

TCAT-AS-000060 - Default password for keystore must be changed.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000080 - Cookies must have http-only flag set.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-000090 - DefaultServlet must be set to readonly for PUT and DELETE.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-000100 - Connectors must be secured.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-000170 - Tomcat servers behind a proxy or load balancer must log client IP.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

TCAT-AS-000361 - Files in the $CATALINA_BASE/logs/ folder must have their permissions set to 640.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

AUDIT AND ACCOUNTABILITY

TCAT-AS-000370 - Files in the $CATALINA_BASE/conf/ folder must have their permissions set to 640.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT

TCAT-AS-000450 - Tomcat user UMASK must be set to 0027.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000500 - Unapproved connectors must be disabled.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000560 - Example applications must be removed.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000570 - Tomcat default ROOT web application must be removed.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000580 - Documentation must be removed.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000590 - Applications in privileged mode must be approved by the ISSO.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-000690 - LDAP authentication must be secured.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000710 - Keystore file must be protected.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000750 - Tomcat must use FIPS-validated ciphers on secured connectors.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000780 - Access to JMX management interface must be restricted.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000790 - Access to Tomcat manager application must be restricted.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000800 - Tomcat servers must mutually authenticate proxy or load balancer connections.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000940 - ErrorReportValve showReport must be set to false.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

SYSTEM AND INFORMATION INTEGRITY

TCAT-AS-000970 - Idle timeout for the management application must be set to 10 minutes.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

TCAT-AS-001080 - Application user name must be logged.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

ACCESS CONTROL

TCAT-AS-001200 - $CATALINA_HOME folder must be owned by the root user, group tomcat.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-001220 - $CATALINA_BASE/conf/ folder must be owned by root, group tomcat.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-001320 - Multifactor certificate-based tokens (CAC) must be used when accessing the management interface.DISA STIG Apache Tomcat Application Server 9 v3r3 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION