Description

This Spring web application is configured with the Spring Boot Shutdown Actuator enabled. This Actuator endpoint allows authenticated users to shut down the application.

Remediation

It's recommended to disable the Spring Boot Shutdown Actuator unless there is a good reason to have this feature enabled. This can be done using the following configuration:

endpoints.shutdown.enabled=false

References

Related Vulnerabilities