Hi,
Could anyone please let me know how I can fix the server vulnerability issues below, which we got after a server scan took place?
Please let me know how I can ensure the application works fine if we make any changes on the server.
"The 'EJBInvokerServlet' and 'JMXInvokerServlet' servlets hosted on the web server on the remote host are accessible to unauthenticated users. The remote host is, therefore, affected by the following vulnerabilities:
- A security bypass vulnerability exists due to improper restriction of access to the console and web management interfaces. An unauthenticated, remote attacker can exploit this, via direct requests, to bypass authentication and gain administrative access. (CVE-2007-1036)
- A remote code execution vulnerability exists due to the JMXInvokerHAServlet and EJBInvokerHAServlet invoker servlets not properly restricting access to profiles. An unauthenticated, remote attacker can exploit this to bypass authentication and invoke MBean methods, resulting in the execution of arbitrary code. (CVE-2012-0874)
- A remote code execution vulnerability exists in the EJBInvokerServlet and JMXInvokerServlet servlets due to the ability to post a marshalled object. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to install arbitrary applications. Note that this issue is known to affect McAfee Web Reporter versions prior to or equal to version 5.2.1 as well as Symantec Workspace Streaming version 7.5.0.493 and possibly earlier. (CVE-2013-4810)"
Hello,
Can anyone review my post and update me with some information?
Thanks,
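
An added example, not part of the original posts and not the server vendor's code: one way to check offline whether the invoker servlets named in the scan report sit behind an authentication constraint, assuming they are declared in a standard servlet `web.xml`. The descriptor, the `HttpInvoker` role name and the function names `find`, `covers` and `audit` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Servlet names as they appear in the scan report.
INVOKERS = {"EJBInvokerServlet", "JMXInvokerServlet",
            "EJBInvokerHAServlet", "JMXInvokerHAServlet"}

# Constructed sample descriptor, not taken from a real server.
SAMPLE_WEB_XML = """<web-app>
  <servlet-mapping><servlet-name>EJBInvokerServlet</servlet-name>
    <url-pattern>/EJBInvokerServlet/*</url-pattern></servlet-mapping>
  <servlet-mapping><servlet-name>JMXInvokerServlet</servlet-name>
    <url-pattern>/JMXInvokerServlet/*</url-pattern></servlet-mapping>
  <security-constraint>
    <web-resource-collection>
      <url-pattern>/JMXInvokerServlet/*</url-pattern>
      <http-method>GET</http-method><http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>HttpInvoker</role-name></auth-constraint>
  </security-constraint>
</web-app>"""

def find(elem, name):
    """Descendants named `name`, ignoring any XML namespace prefix."""
    return [c for c in elem.iter() if c.tag.rsplit("}", 1)[-1] == name]

def covers(constraint, mapping):
    """Literal match, or a trailing-/* constraint that prefixes the mapping."""
    return constraint == mapping or (
        constraint.endswith("/*") and mapping.startswith(constraint[:-1]))

def audit(web_xml):
    """Return {servlet-name: finding} for invoker mappings not fully protected."""
    root = ET.fromstring(web_xml)
    rules = []  # (url-pattern, True when every HTTP method is constrained)
    for sc in find(root, "security-constraint"):
        if not find(sc, "auth-constraint"):
            continue  # a constraint without auth-constraint requires no login
        for wrc in find(sc, "web-resource-collection"):
            # Listing <http-method> constrains only those methods.
            every_method = not find(wrc, "http-method")
            rules += [(p.text.strip(), every_method) for p in find(wrc, "url-pattern")]
    findings = {}
    for m in find(root, "servlet-mapping"):
        name = find(m, "servlet-name")[0].text.strip()
        for p in find(m, "url-pattern") if name in INVOKERS else []:
            hits = [full for pat, full in rules if covers(pat, p.text.strip())]
            if not hits:
                findings[name] = "no auth-constraint covers " + p.text.strip()
            elif not any(hits):
                findings[name] = "only the listed HTTP methods are constrained"
    return findings
```

Run `audit()` on a copy of the descriptor before and after a change; an empty result means every invoker mapping found is covered by an auth-constraint for all HTTP methods.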