This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The web server running on the remote host is affected by an
information disclosure vulnerability.
According to its self-reported version number, the remote host is
running a vulnerable version of Apache Tomcat. Affected versions
permit a web application to replace the XML parser used to process the
XML and TLD files of other applications. This could allow a malicious
web app to read or modify 'web.xml', 'context.xml', or TLD files of
arbitrary web applications.
See also :
Upgrade to versions 7.0.19 / 6.0.20 / 5.5.28 / 4.1.40 or later.
Alternatively, apply the patches referenced in the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.6
CVSS Temporal Score : 4.0
Public Exploit Available : true