The host is installed with Apache Tomcat 6.0.x before 6.0.39, 7.x before 7.0.50 or 8.x before 8.0.0-RC10 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle an untrusted web application. Successful exploitation allows remote attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application wit ...