Skip to content

Server leaks version information via Server HTTP response header #2716

New issue
New issue
Open
Bug
Open
Server leaks version information via Server HTTP response header#2716
Bug
Assignees
dsotirho-ucsc
Labels
--[priority] Lowbug[type] A defect preventing use of the system as specifiedcanaryDone by the Clever Canarycompliance[subject] Information and software securitygroomedinvicti[subject] Represents one or more Invicti findingsorange[process] Done by the Azul team
@dsotirho-ucsc

Description

@dsotirho-ucsc
dsotirho-ucsc
opened on Feb 4, 2025

ZAP scan finding
Severity: Low

The web/application server is leaking version information via the "Server" HTTP response Description header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.

Examples:

Solution:

Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.

Metadata

Metadata

Assignees

Labels

--[priority] Lowbug[type] A defect preventing use of the system as specifiedcanaryDone by the Clever Canarycompliance[subject] Information and software securitygroomedinvicti[subject] Represents one or more Invicti findingsorange[process] Done by the Azul team

Type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions