Rule ID
SV-259048r934802_rule
Version
V1R1
CCIs
CCI-001312
The Error Report Valve is a simple error handler for HTTP status codes that will generate and return HTML error pages. It can also be configured to return predefined static HTML pages for specific status codes and/or exception types. Disabling "showServerInfo" will only return the HTTP status code and remove all CSS from the default nonerror-related HTTP responses.
At the command prompt, run the following command: # xmllint --xpath '/Server/Service/Engine/Host/Valve[@className="org.apache.catalina.valves.ErrorReportValve"]' /usr/lib/vmware-lookupsvc/conf/server.xml Example result: <Valve className="org.apache.catalina.valves.ErrorReportValve" showServerInfo="false" showReport="false"/> If the "ErrorReportValve" element is not defined or "showServerInfo" is not set to "false", this is a finding.
Navigate to and open: /usr/lib/vmware-lookupsvc/conf/server.xml Locate the following Host block: <Host ...> ... </Host> Inside this block, add or update the following on a new line: <Valve className="org.apache.catalina.valves.ErrorReportValve" showServerInfo="false" showReport="false"/> Restart the service with the following command: # vmon-cli --restart lookupsvc