
V-224790

CAT II (Medium)

The ISEC7 SPHERE must remove any unnecessary users or groups that have permissions to the server.xml file in Apache Tomcat.

Rule ID

SV-224790r1013879_rule

STIG

ISEC7 Sphere Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-001813

Discussion

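Tomcat listens on a shutdown port (8005 by default). Someone could Telnet to the machine on this port and send the default command, SHUTDOWN. Tomcat and all web apps would then shut down, which is a denial-of-service attack and would cause an unwanted service interruption. The shutdown port and command are defined in the <Server> element of server.xml, so any account that can read or modify the file can learn or change both; permissions on the file should be limited to the users and groups that need them.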

Check Content

Verify unnecessary users or groups that have permissions to the Server.xml file in Apache Tomcat have been removed.

Browse to ProgramFiles\Isec7 SPHERE\Tomcat\Conf and select "Server.xml".
Right-click and select "Properties".
Select the security tab and verify no unnecessary accounts or groups have been granted permissions to the file.
Verify no unnecessary users or groups have permissions to the file.

If unnecessary users or groups that have permissions to the Server.xml file in Apache Tomcat have not been removed, this is a finding.
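
The same check can be scripted for repeatable audits. The following PowerShell is an added example, not part of the STIG: it reads the ACL on server.xml without changing it and flags any identity outside an approved list. The `$Approved` list is an assumption (the STIG does not say which accounts are necessary), and the default path assumes the install location named in the check text.

```powershell
# Added example: read-only audit of the NTFS ACL on Tomcat's server.xml.
param(
    # Path from the check text; adjust if SPHERE is installed elsewhere.
    [string]$Path = (Join-Path $env:ProgramFiles 'Isec7 SPHERE\Tomcat\Conf\server.xml'),

    # ASSUMPTION: site-approved identities. The STIG does not list them. Replace with
    # the accounts your organization documents as necessary, including the account
    # the Tomcat service runs as.
    [string[]]$Approved = @(
        'NT AUTHORITY\SYSTEM',
        'BUILTIN\Administrators'
    )
)

if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
    throw "server.xml not found at '$Path'"
}

$acl = Get-Acl -LiteralPath $Path

# One row per access control entry, explicit and inherited.
$report = foreach ($ace in $acl.Access) {
    $id = $ace.IdentityReference.Value
    [pscustomobject]@{
        Identity  = $id
        Type      = $ace.AccessControlType     # Allow or Deny
        Rights    = $ace.FileSystemRights
        Inherited = $ace.IsInherited           # inherited entries come from Conf or a parent folder
        Approved  = $Approved -contains $id    # -contains compares case-insensitively
    }
}

$report | Format-Table -AutoSize
"Owner: $($acl.Owner)"

# Deny entries restrict access rather than grant it, so only Allow entries are flagged.
$unexpected = @($report | Where-Object { -not $_.Approved -and $_.Type -eq 'Allow' })

if ($unexpected.Count -gt 0) {
    Write-Warning "V-224790: $($unexpected.Count) Allow entries for identities not on the approved list"
    exit 1
}
"V-224790: no unapproved identities hold permissions on $Path"
```

Entries reported with `Inherited = True` have to be corrected on the parent folder, or inheritance has to be disabled on the file, before they can be removed from server.xml itself.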

Fix Text

Log in to the ISEC7 SPHERE server.
Browse to ProgramFiles\Isec7 SPHERE\Tomcat\Conf and select Server.xml.
Right-click and select "Properties".
Select the security tab and remove unnecessary accounts or groups that have been granted permissions to the Server.xml file.