Plenty of people are looking at my question so this must be a question that has come up in the past. Does no one have a suggestion?
I have found one suggestion on the web to comment out the vulnerable servlets in the deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml.
I have tried this on one server and it does not seem to cause a problem. Is doing this going to cause more problems than it solves?
Hi David, did commenting these servlets in the corresponding web.xml help?
I have tried to do the same thing but qualys is still finding this security vulnerability.
Have you found a reasonable solution to overcome this vulnerability.
Please share if you have found one.