Webalizer Detected
Severity: Information
Summary #
Netsparker identified Webalizer which is a free web server log analysis software. This information can help an attacker to gain a greater understanding of the systems in use and potentially to develop further attacks.
Impact #
An attacker can search for specific security vulnerabilities for the version of Webalizer identified. More importantly Webalizer discloses too much information about hidden pages (config, administration etc.).
Remediation #
Configure your web server to prevent information leakage from the
Webalizer directory by implementing access control mechanisms to stop public access.Classifications #
CAPEC-224; CWE-205; ISO27001-A.14.2.5 or A.18.1.3; WASC-45; OWASP PC-C6; OWASP 2017-A6
, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Related Vulnerabilities
