The vCenter STS service default ROOT web application must be removed.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-258996 | SRG-APP-000141-AS-000095 | VCST-80-000142 | SV-258996r960963_rule | 2024-07-11 | 2 |
| Description |
|---|
| The default ROOT web application includes the version of Tomcat being used, links to Tomcat documentation, examples, FAQs, and mailing lists. The default ROOT web application must be removed from a publicly accessible instance and a more appropriate default page shown to users. |
| ℹ️ Check |
|---|
| At the command prompt, run the following command: # ls -l /var/opt/apache-tomcat/webapps/ROOT If the ROOT web application contains any content, this is a finding. |
| ✔️ Fix |
|---|
| At the command prompt, run the following command: # rm -rf /var/opt/apache-tomcat/webapps/ROOT/* |