[jira] [Updated] (FINERACT-2130) Server Version Disclosure

Chris Wells (Jira) Tue, 01 Oct 2024 07:55:56 -0700


     [ 
https://issues.apache.org/jira/browse/FINERACT-2130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Chris Wells updated FINERACT-2130:
----------------------------------
    Description: [Redacted]  (was: h2. Description
 
It was observed that the application discloses server/framework type and 
version used. Disclosed information is listed below:
 
h2. Reproduction Steps
 
 # Inspect a request 
 # Observe that the response discloses server version. i.e.

 ## Server:awselb/2.0

 
h2. Impact Details
An attacker could determine vulnerabilities associated with the server version 
and launch platform specific attacks.)

> Server Version Disclosure
> -------------------------
>
>                 Key: FINERACT-2130
>                 URL: https://issues.apache.org/jira/browse/FINERACT-2130
>             Project: Apache Fineract
>          Issue Type: Bug
>          Components: Client, Security
>            Reporter: Peter Chen
>            Priority: Minor
>              Labels: backend, security, web
>
> [Redacted]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (FINERACT-2130) Server Version Disclosure

Reply via email to