[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90792-3

Platform: rhel7,centos7Date: (C)2017-06-29   (M)2022-10-10



Disable WebDAV (Distributed Authoring and Versioning) WebDAV is an extension of the HTTP protocol that provides distributed and collaborative access to web content. If its functionality is unnecessary, comment out the related modules: #LoadModule dav_module modules/mod_dav.so #LoadModule dav_fs_module modules/mod_dav_fs.so If there is a critical need for WebDAV, extra care should be taken in its configuration. Since DAV access allows remote clients to manipulate server files, any location on the server that is DAV enabled should be protected by access controls.


Parameter:


Technical Mechanism:

Minimizing the number of loadable modules available to the web server, reduces risk by limiting the capabilities allowed by the web server. Fix: No Remediation Info

CCSS Severity:CCSS Metrics:
CCSS Score : Attack Vector:
Exploit Score: Attack Complexity:
Impact Score: Privileges Required:
Severity: User Interaction:
Vector: Scope:
 Confidentiality:
 Integrity:
 Availability:
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30476
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31199
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30476
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31199


OVAL    2
oval:org.secpod.oval:def:30476
oval:org.secpod.oval:def:31199

© SecPod Technologies