Family: Web Servers --> Category: attack
Apache Tomcat Default Accounts Vulnerability Scan
Vulnerability Scan Summary
Apache Tomcat Default Accounts
Detailed Explanation for this Vulnerability Test
This host appears to be the running the Apache Tomcat
Servlet engine with the default accounts still configured.
A potential intruder could reconfigure this service in a way
that grants system access.
Solution: Change the default passwords by editing the
admin-users.xml file located in the /conf/users
subdirectory of the Tomcat installation.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.