Microsoft-IIS Version disclosure

Description

During the scan, Kayran managed to find that the server reveals it’s own version.
That means, that anyone knows it’s version which can be exploited.

An attacker could abuse the exposed information in order to exploit specific security vulnerabilities in the identified version.

Recommendation

To prevent this vulnerability, make sure that the server displays a generic, simple message and does not reveal any sensitive information about the server including its version.

References

https://docs.microsoft.com/en-us/answers/questions/382348/aspnet-version-disclosure-issue-vulnerability-wind.html

< Return to all Vulnerabilities