DerScanner
Home / Vulnerability Database / Config files : Version disclosure
Config files

Config files : Version disclosure

Classification

OWASP Top 10 2013
A5-Security Misconfiguration
OWASP Top 10 2017
A6-Security Misconfiguration
OWASP Top 10 2021
A5-Security Misconfiguration
HIPAA
§164.312 (a)(1)
CWE
CWE-1031

Overview

The application discloses information about its platform and version. This can cause the application to be vulnerable to zero-day vulnerabilities.

References

  1. Security Through Obscurity - Hiding ASP.NET MVC Response Headers
  2. Hide your Web stack - JoliCode
  3. How to: Create Web.config Files
  4. CWE CATEGORY: OWASP Top Ten 2017 Category A5 - Broken Access Control
MEDIUM

DerScanner Severity Score

Do you want to fix Config files : Version disclosure in your application?

See also

Config files

Config files : Text4Shell Vulnerability

Config files

Config files : Incorrect directory deletion

Config files

Config files : Code injection