CIS Apache Tomcat 10 L1 v1.1.0 Middleware

Audit Details

Name: CIS Apache Tomcat 10 L1 v1.1.0 Middleware

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.2

Estimated Item Count: 53

File Details

Filename: CIS_Apache_Tomcat_10_L1_v1.1.0_Middleware.audit

Size: 135 kB

MD5: ce5169be94601f6f479c29727549226f
SHA256: 98e3778604e62c99e67b42a87704f1835d50f44c8fb2eabb2da1ff5a34354b99

Audit Changelog

 
Revision 1.2

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.1

Mar 6, 2024

Functional Update
  • 10.17 Setting Security Lifecycle Listener - check for umask present in startup
  • 10.17 Setting Security Lifecycle Listener - check for umask uncommented in startup
  • 10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml
  • 10.18 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml
  • 10.7 Turn off session facade recycling
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in web application
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default
  • 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application
  • 7.6 Ensure directory in logging.properties is a secure location - check log directory location
  • 7.6 Ensure directory in logging.properties is a secure location - check prefix application name
Informational Update
  • 10.2 Restrict access to the web administration application
Miscellaneous
  • Variables updated.