Tomcat Manager is prone to a remote unauthorized-access vulnerability. An attacker can exploit this issue to upload and execute arbitrary code, which will facilitate a complete compromise of the affected computer.

Change or remove the user from tomcat-users.xml