REST issue

2017-06-13 Thread Carl K.
Some foundation facts: Development environment using NetBeans 8.0.2, Tomcat 8.0.32, Java jdk1.8.0_121 and Postman. The code: I have a simple hello world servlet for testing (in production, the service will serve as an endpoint for information from another organization): package com.tsr.webserv

Re: Vulnerability from PCI scan

2016-11-02 Thread Carl K.
Chris, On 11/2/2016 11:05 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Carl, On 11/1/16 6:05 PM, Carl K. wrote: On 11/1/2016 5:25 PM, Christopher Schultz wrote: Carl, On 11/1/16 5:11 PM, Carl K. wrote: Control Scan has returned this as a vulnerability in

Re: Vulnerability from PCI scan

2016-11-01 Thread Carl K.
On 11/1/2016 5:25 PM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Carl, On 11/1/16 5:11 PM, Carl K. wrote: Control Scan has returned this as a vulnerability in Tomcat 8.0.38: Vulnerable version of Apache Tomcat: 8.0.38 Risk: High (3) Port: 443/tcp Protocol

Vulnerability from PCI scan

2016-11-01 Thread Carl K.
Control Scan has returned this as a vulnerability in Tomcat 8.0.38: Vulnerable version of Apache Tomcat: 8.0.38 Risk: High (3) Port: 443/tcp Protocol: tcp Threat ID: web_dev_tomcatver Details: 404 Error Page Cross Site Scripting Vulnerability 12/21/09 Apache Tomcat is prone to a cross-site scri