This technote identifies a known Apache Tomcat security vulnerability which will cause IBM Rational AppScan to throw a warning when run against IBM Rational Quality Manager server version 184.108.40.206 and below.
AppScan reports security vulnerability CVE-2009-0033.
This is a known security vulnerability affecting Apache Tomcat versions 5.5.0 through 5.5.27 (among other versions).
IBM Rational Quality Manager 220.127.116.11
Resolving the problem
Upgrade to Rational Quality Manager 2.0.1 or higher. Version 2.0.1 includes Apache Tomcat 5.5.28, which is not affected by this vulnerability.