Asp.Net Version disclosure

Description

At the time of sending the request, the server displays the version and other details about the technology of the server.

Bussines Impact

An attacker could exploit known vulnerabilities of the same version if it was not updated.

Recommendation

To prevent this vulnerability from happening, remove the header that displays the version or display a generic message. Apply the following changes to the web.config file to prevent ASP.NET version disclosure.

Reference

https://cwe.mitre.org/data/definitions/200.html