Description

Apache /stronghold-info displays information about your Apache configuration. This URL is enabled when you are using Apache Stronghold. If you are not using this feature, disable it.

Remediation

Disable this functionality if not required.

References

Apache Homepage

Related Vulnerabilities

Spring Boot Misconfiguration: All Spring Boot Actuator endpoints are web exposed

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.11)

WordPress Plugin WP Easy full backup Information Disclosure (1.4)

Tracy debugging tool enabled

WordPress Plugin Email Log Information Disclosure (1.9)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure