Service Desk Practitioners Forum
Micheal Y
Trusted Contributor.

PCI Vulnerability

We have a monthly scan that runs checking for vulnerabilities in our systems. This month it found the following on our Service Pages installation:

"Description: Cross-site scripting attacks on connecting web browsers can be facilitated by this server's Tomcat servlet container. Specially crafted web requests will result in an attacker's script being executed on a connecting browser. For example, a request such as http://IP/servlet/org.apache.catalina.ContainerServlet/<SCRIPT>alert(document.domain)</SCRIPT> will cause a pop-up to appear on a testing browser.

Remediation: Unmap the invoker servlet in Tomcat's web.xml file."

I'm not 100% certain how to do this. Can anyone lend a hand? Also, will doing this have a negative impact on how Service Pages works?

Thanks in advance.

Micheal
2 REPLIES
Vasily Kamenev
Acclaimed Contributor.

Re: PCI Vulnerability

Hi
Sorry if I haven't understood you correctly, but I think you'd like to remove a servlet from Tomcat. If this is true, then you need to remove the records for that servlet from web.xml. If your Tomcat is not tuned for automatic reload, then you need to restart Tomcat; otherwise Tomcat reloads the new configuration automatically.

Vasily
Micheal Y
Trusted Contributor.

Re: PCI Vulnerability

Thanks, Vasily. I'm looking to "unmap" the servlet. Not certain exactly what that means, honestly. I'm thinking commenting out the mapping should be enough, but wanted to check here thinking that someone else must have gotten dinged for this vulnerability at some point.

Thanks again.

Micheal
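For reference on the "unmap the invoker servlet" remediation raised in the original post and in Micheal's follow-up about commenting out the mapping, here is an added example (not from this thread, and not the Service Pages configuration) of the relevant stanzas as they appear in the stock conf/web.xml of older Tomcat 4.x/5.0 releases, first active and then commented out. It assumes a standard Tomcat install; the file path conf/web.xml and the class name org.apache.catalina.servlets.InvokerServlet are Tomcat's own defaults.

```xml
<!-- BEFORE: the stock conf/web.xml (Tomcat 4.x/5.0) declares the invoker
     servlet and maps it to /servlet/*, so any servlet class on the classpath
     can be called by name from the URL. That is the path the scanner probed. -->
<servlet>
  <servlet-name>invoker</servlet-name>
  <servlet-class>org.apache.catalina.servlets.InvokerServlet</servlet-class>
  <init-param>
    <param-name>debug</param-name>
    <param-value>0</param-value>
  </init-param>
  <load-on-startup>2</load-on-startup>
</servlet>

<servlet-mapping>
  <servlet-name>invoker</servlet-name>
  <url-pattern>/servlet/*</url-pattern>
</servlet-mapping>

<!-- AFTER: "unmapped". Commenting out the servlet-mapping alone already closes
     the /servlet/* path; the declaration is commented out too so nothing is
     left half-configured. Do not do the reverse (keep the mapping, drop the
     servlet): Tomcat rejects a mapping whose servlet-name is not declared.
     conf/web.xml is read at startup, so restart Tomcat after the edit. -->
<!--
<servlet>
  <servlet-name>invoker</servlet-name>
  <servlet-class>org.apache.catalina.servlets.InvokerServlet</servlet-class>
  <init-param>
    <param-name>debug</param-name>
    <param-value>0</param-value>
  </init-param>
  <load-on-startup>2</load-on-startup>
</servlet>
-->

<!--
<servlet-mapping>
  <servlet-name>invoker</servlet-name>
  <url-pattern>/servlet/*</url-pattern>
</servlet-mapping>
-->
```

Any deployed application that relied on /servlet/ClassName URLs will stop responding on those paths and needs its own explicit <servlet> and <servlet-mapping> entries in its WEB-INF/web.xml; checking each web app for such URLs before the restart answers the "negative impact" question for that installation.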