AFAIK, the struts problem is a false positive because you can't get that port to run example exploit code. https://blog.appsecco.com/detecting-and-exploiting-the-java-struts2-rest-plugin-vulnerability-cve-2017-9805-765773921d3d   Has anyone got a solution to the Tomcat NFS upgrade problem. That looks tricky. ... View more

Thank you so much ! ... View more

@nicusanThis looks promising. I shall take a look for sure.   @bgooleyIs there any way to retrieve the scm password for the embedded postgres DB ? Without taking the backup of db.properties file I had ran the script which configured external mysql DB. Now db.properties only shows external mysql DB related info . I am not sure if scm_prepare_database.sh script took the backup of old db.properties file somewhere in the system. ... View more