Description
Apache /server-status displays information about your Apache status. If you are not using this feature, disable it.
Remediation
Disable this functionality if not required. Comment out the <Location /server-status> section from httpd.conf.
References
Related Vulnerabilities
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10334)
CodeIgniter development mode enabled
Unencrypted __VIEWSTATE parameter
WordPress Plugin JS MultiHotel Multiple Vulnerabilities (2.2.1)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39200)