Download
| Alert*
CCE-27491-0
The password digest algorithm for JNDIRealm (LDAP) connections should be enabled or disabled as appropriate. CCE-27156-9 The permissions for the Tomcat home directory should be set correctly. CCE-27472-0 The Tomcat-docs should be installed as appropriate. CCE-27476-1 The example files should be installed as appropriate. CCE-27638-6 The permissions for the tomcat-users.xml file should be set correctly. CCE-27634-5 The Balancer app should be installed as appropriate. CCE-27743-4 The Tomcat HTTP/1.1 connector should be configured appropriately for the specified ports. CCE-27555-2 The secure attribute should be set as appropriate for the specified Tomcat JK/JK2 AJP 1.3 connectors. CCE-27521-4 The Tomcat HTTP/1.1 connector should be enabled or disabled. CCE-27480-3 The Tomcat server port number should be set correctly. CCE-27608-9 The Tomcat WARP connector should be enabled or disabled as appropriate. CCE-27378-9 The secure attribute should be set as appropriate for the specified Tomcat HTTP/1.1 connectors. CCE-27600-6 There exists a password in tomcat-users.xml that is not stored using an authorized digest. CCE-27423-3 The Tomcat Legacy JK AJP 1.3 connector should be configured appropriately for the specified ports. CCE-26789-8 The Java Security Manager (JSM) should be enabled or disabled as appropriate. CCE-27661-8 Tomcat should be run by the appropriate account CCE-27141-1 The group of the Tomcat home directory should be set correctly. CCE-27544-6 The Tomcat Legacy JK/JK2 AJP 1.3 connector should be enabled or disabled as appropriate. CCE-27563-6 The owner of the Tomcat home/conf/ directory should be set correctly. CCE-27761-6 Tomcat web application JVM property write permission should be set correctly for the specified properties. CCE-27307-8 The JULI FileHandlerlog file name prefix should be set correctly for the specified classes. CCE-27477-9 The permissions for the Tomcat home/conf/ directory should be set correctly. CCE-27514-9 The JULI FileHandler threshold level should be set correctly for the specified classes. CCE-27155-1 The Tomcat Legacy JK AJP 1.3 connectors should listen on the specified ports. CCE-27568-5 The Tomcat Legacy JK AJP 1.3 connector should be enabled or disabled as appropriate. CCE-27371-4 The owner of the Tomcat home directory should be set correctly. CCE-27564-4 Tomcat web application JVM property read permission should be set correctly for the specified properties. CCE-27451-4 Tomcat should be configured to run with or without the Java Security Manager upon startup. CCE-27617-0 The Tomcat Legacy HTTP/1.1 connectors should listen on the specified ports. CCE-27726-9 The example server.xml file should be installed as appropriate. CCE-27707-9 Tomcat should be run with the appropriate group membership. CCE-26722-9 The Tomcat login authentication method should be set correctly. CCE-27482-9 The owner of the tomcat-users.xml file should be set correctly. CCE-27463-9 The WebDAV app should be installed as appropriate. CCE-27255-9 The Tomcat Legacy HTTP/1.1 connector should be enabled or disabled as appropriate. CCE-27315-1 The JULI FileHandler save directory should be configured appropriately for the specified classes CCE-27500-8 The password digest algorithm for JDBCRealm (database) connections should be enabled or disabled as appropriate. CCE-27577-6 All permissions for the specified codebase should exist or not exist. CCE-26882-1 Access to the Tomcat manager app should be denied as appropriate. CCE-27245-0 The Tomcat WARP connector should be configured appropriately for the specified ports. CCE-27610-5 Security roles for the Tomcat manager app should be set correctly. CCE-27652-7 The Tomcat user account should be locked or unlocked as appropriate. CCE-27418-3 The Tomcat Legacy JK AJP 1.3 connector should be enabled or disabled as appropriate. CCE-27520-6 The group of the Tomcat home/conf/ directory should be set correctly. CCE-26765-8 The JNDIRealm (LDAP) password digest should be configured appropriately. CCE-26890-4 Access to the Tomcat manager app should be allowed as appropriate. CCE-26939-9 The JDBCRealm (database) password digest algorithm should be set correctly CCE-27607-1 The Tomcat Legacy JK/JK2 AJP 1.3 connector should be configured appropriately for the specified ports. CCE-27668-3 The save directory for log files should be set appropriatly for the specified handlers. CCE-27392-0 The group of the tomcat-users.xml file should be set correctly. CCE-27589-1 JULI container level logging should be enabled or disabled as appropriate. |