Description

Apache /stronghold-status displays information about your Apache configuration. This URL is enabled when you are using Apache Stronghold. If you are not using this feature, disable it.

Remediation

Disable this functionality if not required.

References

Apache Homepage

Related Vulnerabilities

WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)

WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5)

WordPress Plugin User Profile Picture Information Disclosure (2.4.0)

WordPress Plugin WP SlackSync Information Disclosure (1.8.5)

WordPress Plugin Timetable and Event Schedule by MotoPress Information Disclosure (2.3.19)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure