Description
Apache /server-info displays information about your Apache configuration. If you are not using this feature, disable it.
Remediation
Disable this functionality if not required. Comment out the <Location /server-info> section from httpd.conf.
References
Related Vulnerabilities
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.16)
WordPress Plugin Simple Backup Arbitrary File Download (2.7.10)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15098)
Spring Boot Misconfiguration: MongoDB credentials stored in the properties file
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3128)