Description

Apache /stronghold-info displays information about your Apache configuration. This URL is enabled when you are using Apache Stronghold. If you are not using this feature, disable it.

Remediation

Disable this functionality if not required.

References

Apache Homepage

Related Vulnerabilities

WordPress Plugin Import all XML, CSV & TXT into WordPress Information Disclosure (3.6.74)

WordPress Plugin HTML5 MP3 Player with Playlist Free Information Disclosure (2.6)

WordPress Plugin WP Mobile Edition Arbitrary File Disclosure (2.2.7)

Web Cache Poisoning DoS (for javascript)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.22)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Configuration Information Disclosure