Description
Tomcat status page shows information about the current server state (memory status, thread information and a list of the recent requests). This information could be valuable for an attacker. It's recommended to restrict access to this page.
Remediation
It's recommended to restrict access to this page.
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4898)
Unrestricted access to NGINX+ Upstream HTTP interface
[Possible] Internal Path Disclosure (Windows)
Snoop Servlet information disclosure
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)