Description

The HTTP responses returned by this web application include a header named Server. The value of this header includes the version of Microsoft IIS server.

Remediation

Microsoft IIS should be configured to remove unwanted HTTP response headers from the response. Consult web references for more information.

References

Remove Unwanted HTTP Response Headers

Related Vulnerabilities

WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3)

WordPress username enumeration

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Vulnerabilities (4.1.2)

WordPress Plugin Acumbamail Information Disclosure (1.0.4)

WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.7)

Severity

Info

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration