The remote Apache Tomcat server is affected by an information disclosure vulnerability.
According to its self-reported version number, the Apache Tomcat instance listening on the remote host is prior to 6.0.45 / 7.0.68 / 8.0.30. It is, therefore, affected by an information disclosure vulnerability: - An information disclosure vulnerability exists due to a failure to enforce access restrictions when handling directory requests that are missing trailing slashes. An unauthenticated, remote attacker can exploit this to enumerate valid directories. (CVE-2015-5345) Note that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.
Upgrade to Apache Tomcat version 6.0.45 / 7.0.68 / 8.0.30 or later.