CCE-90784-0Platform: rhel7,centos7 | Date: (C)2017-06-29 (M)2022-10-10 |
Set httpd ServerTokens Directive to Prod
'ServerTokens Prod' restricts information in page headers, returning only the word "Apache."
Add or correct the following directive in '/etc/httpd/conf/httpd.conf':
'ServerTokens Prod'
Parameter:
Technical Mechanism:
Information disclosed to clients about the configuration of the web server and system could be used
to plan an attack on the given system. This information disclosure should be restricted to a minimum.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:30468 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31191 |