Documentation - V-223006

V-223006

Apache Tomcat Application Server 9 Security Technical Implementation Guide

CAT II

Title

Tomcat users in a management role must be approved by the ISSO.

Description

<VulnDiscussion>Deploying applications to Tomcat requires a Tomcat user account that is in the "manager-script" role. Any user accounts in a Tomcat management role must be approved by the ISSO.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl...

Fix Text (Documentation Requirement)

Document the users and the roles that have been defined for use with the Tomcat server. Ensure that all users and roles with access to Tomcat management features and capabilities are approved by the ISSO.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel