Version Disclosure (IBM Security Access Manager (WebSEAL))

Severity:

Low

Summary

Invicti identified a version disclosure (IBM Security Access Manager (WebSEAL)) in the target web server's HTTP response.

This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of IBM Security Access Manager (WebSEAL).

Impact

An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.

Remediation

Configure your web server to prevent information leakage from the suppress-server-identity function of its HTTP response.

Required Skills for Successful Exploitation

Actions To Take

Classifications

CAPEC-170

CWE-205

HIPAA-164.306(a), 164.308(a)

Vulnerability Index

You can search and find all vulnerabilities

Select Category

Select Vulnerability

Related Vulnerabilities

Out-of-date Version (Magento)

Server-Side Template Injection (IAST)

Version Disclosure (E107)

WordPress Theme ShopyMall Out Of Date

Struts 2 Config Browser plugin enabled

Version Disclosure (IBM Security Access Manager (WebSEAL))

Vulnerability Index

Select Category

Select Vulnerability

Featured resources

Build your resistance to threats. And save hundreds of hours each month.