CCE-90802-0Platform: rhel7 | Date: (C)2017-06-29 (M)2022-10-10 |
Restrict Other Critical Directories
All accessible web directories should be configured with similarly restrictive settings.
The 'Options' directive should be limited to necessary functionality and the 'AllowOverride'
directive should be used only if needed. The 'Order' and 'Deny' access control tags
should be used to deny access by default, allowing access only where necessary.
Parameter:
Technical Mechanism:
Directories accessible from a web client should be configured with the least amount of
access possible in order to avoid unauthorized access to restricted content or server information.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: