CCE-90785-7Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Set httpd ServerSignature Directive to Off
'ServerSignature Off' restricts 'httpd' from displaying server version number
on error pages.
Add or correct the following directive in '/etc/httpd/conf/httpd.conf':
'ServerSignature Off'
Parameter:
Technical Mechanism:
Information disclosed to clients about the configuration of the web server and system could be used
to plan an attack on the given system. This information disclosure should be restricted to a minimum.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30469 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31192 |