Apache Tomcat Servlet Default Files Installed in IIB Broker

A recent nessus scan found the following vulnerability in a RedHat server:

Apache Tomcat Servlet Default Files Installed Vulnerability finding appeared in last successful scan attempt. The following default files were found : /nessus-check/default-404-error-page.html

This vulnerability was found on port 4414, where the IIB broker is running.

I searched the web.xml file under the path:

/IIB-install/iib10.0.0.7/server/webadmin/apps/mqtt/WEB-INF

and added the following lines:

<error-page>
    <error-code>404</error-code>
    <location>/nessus-check/default-404-error-page.html</location>
</error-page>

inside the braces and restarted the IIB broker, but the vulnerability is still there. What am I missing here?

Thanks in advance

security
apache-http-server
mqtt

user3105533

Posted 2018-12-25T15:42:22.147

Reputation: 21

Apache Tomcat Servlet Default Files Installed in IIB Broker

No answers