VCPF-67-000030 – Performance Charts must set the secure flag for cookies. Details The secure flag is an option that can be set by the application server when sending a new cookie...
VCPF-67-000019 – Performance Charts must set ‘URIEncoding’ to UTF-8 – URIEncoding to UTF-8. Details Invalid user input occurs when a user inserts data or characters into a hosted application’s data entry field and...
VCPF-67-000031 – Performance Charts must be configured to limit access to internal packages. Details The ‘package.access’ entry in the ‘catalina.properties’ file implements access control at the package level. When this is properly configured,...
VCPF-67-000020 – Performance Charts must use the ‘setCharacterEncodingFilter’ filter – filter Details Invalid user input occurs when a user inserts data or characters into a hosted application’s data entry field and...
VCPF-67-000020 – Performance Charts must use the ‘setCharacterEncodingFilter’ filter – filter-mapping Details Invalid user input occurs when a user inserts data or characters into a hosted application’s data entry field and...
VCPF-67-000021 – Performance Charts must set the welcome-file node to a default web page. Details Enumeration techniques, such as URL parameter manipulation, rely on being able to obtain information about the web server’s directory...
VCPF-67-000022 – Performance Charts must not show directory listings. Details Enumeration techniques, such as URL parameter manipulation, rely on being able to obtain information about the web server’s directory...
VCPF-67-000023 – Performance Charts must be configured to show error pages with minimal information. Details Web servers will often display error messages to client users, including enough information to aid in the debugging of...
VCPF-67-000024 – Performance Charts must not enable support for TRACE requests. Details ‘Trace’ is a technique for a user to request internal information about Tomcat. This is useful during product development...
VCPF-67-000025 – Performance Charts must have the debug option turned off. Details Information needed by an attacker to begin looking for possible vulnerabilities in a web server includes any information about...