Hi ,
Could anyone help to provide details on below
Does latest tomcat 7.0 supports BusinessObjects 4.0 SP9
We are currently using tomcat 6.0 and our network team claiming below are the concerns with tomcat 6.0 and recommendations:
Vulnerability
Apache Tomcat: Important: Session fixation (CVE-2013-2067) (High)
Missing Secure Flag From SSL Cookie
Click Jacking
TLS/SSL Server Supports SSL version 3
Recommendations:
Upgrade to latest Apache Tomcat version
Add the Secure flag to cookies sent over SSL. For each cookie sent over SSL in your web-site, add the "Secure" flag to the cookie.
Use HTTP X-Frame-Options. Send the HTTP response headers with X-Frame-Options that instruct the browser to restrict framing where it is not allowed.
Disable SSLv3 protocol support. Configure the server to require clients to use TLS.