WEB APPLICATION VULNERABILITIES Standard & Premium

Web server default welcome page

Description

This web server has a default welcome page. If you are not using this web server, it should be disabled because it may pose a security threat.

Remediation

If this server is not used, it is recommended to disable it.

References

Web Server Default Welcome Page

Related Vulnerabilities

Oracle Application Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2004-1367)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-6104)

Apache Axis2 administration console weak password

WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.6.2)

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5341)

Severity

Info

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration