Description

The HTTP responses returned by this web application include a header named Server. The value of this header includes the version of Microsoft IIS server.

Remediation

Microsoft IIS should be configured to remove unwanted HTTP response headers from the response. Consult web references for more information.

References

Remove Unwanted HTTP Response Headers

Related Vulnerabilities

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.16)

WordPress Plugin Backup Migration Information Disclosure (1.3.5)

WordPress Plugin Salon Booking System Multiple Information Disclosure Vulnerabilities (7.6.2)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3128)

WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Configuration