Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

Apache Tomcat Default Files Medium Vulnerability

For a PCI scan Nessus shows this vulnerability within the scanning process:

APACHE TOMCAT DEFAULT FILES

Description

The default error page, default index page, example JSPs, and/or example servlets are installed on the remote Apache Tomcat

server. These files should be removed as they may help an attacker uncover information about the remote Tomcat install or

host itself.

Recommendation

Delete the default index page and remove the example JSP and servlets.

Observation

The following default files were found :

/nessus - check / default -404 - error - page . html

I am not sure how to maneuver through the CMD manager appliance console via putty to access the location of the default index page to verify if this is a false positive and I can then take a screen print to show proof. Nessus reports this as false positive, but I need show proof.