Details
Setting the privileged attribute for an application changes the class loader to the Server class loader instead of the Shared class loader.
Solution
In all context.xml, set the privileged attribute to false unless it is required like the manager application:
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.