Detail

Apache Server-Info Detected

Severity: Medium

Summary #

Invicti detected that Apache server-info is enabled.

Information disclosed from this page can be used to gain further information about the target system.

Impact #
An attacker can gather useful information about the internals of the target web server, including:
  • Current server configuration
  • Server version
  • Server build time
  • Server root
  • Server httpd.conf configuration file path
  • Server build parameters
  • Apache modules and module directives
This type of information can help an attacker harvest information on the target in order to further develop the attack surface.
Classifications #
CAPEC-347; CWE-16; ISO27001-A.18.1.3; WASC-14; OWASP 2013-A5; OWASP 2017-A6 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C
Netsparker Security Insights #
Helpful Use Cases #
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Tags

apache  OWASP 2013-A5  OWASP 2017-A6 

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Invicti Security Corp
220 Industrial Blvd Ste 102
Austin, TX 78745

© Invicti 2022

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Invicti 2022

SSA Privacy Policy California Privacy Rights Terms of Use Accessibility Sitemap