Summary

Netsparker detected that Apache server-info is enabled.

Information disclosed from this page can be used to gain further information about the target system.

Impact
An attacker can gather useful information about the internals of the target web server, including:
  • Current server configuration
  • Server version
  • Server build time
  • Server root
  • Server httpd.conf configuration file path
  • Server build parameters
  • Apache modules and module directives
This type of information can help an attacker harvest information on the target in order to further develop the attack surface.
Remediation
Classifications
CAPEC-347, WASC-14, OWASP 2013-A5 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:O/RC:C