The version of Apache Tomcat installed on the remote host is version 8.0.x prior to 8.0.50. It is, therefore, affected by a security constraints flaw which could expose resources to unauthorized users.
Binary data 700687.pasl
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1304
tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50