未检测到 StorageGRID 安全标头 Apache Webserver 服务器状态信息泄露漏洞
适用场景
- StorageGRID
- Qualys 扫描
问题描述
Qualys扫描产品报告漏洞
Assessment-<number> Q4 FY2021-22 - DCM - Infra VA - EUR - Vulnerability-83527 HTTP Security Header Not Detected Low Non-Compliance with defined Standard or Best Practice <IPAddress> - HTTP Security Header Not Detected <IPAddress> 443 Note:
Assessment-<number> Q4 FY2021-22 - DCM - Infra VA - EUR - Vulnerability-83541 Apache Webserver server-status Information Disclosure Vulnerability Medium Non-Compliance with defined Standard or Best Practice <IPAddress> - Apache Webserver server-status Information Disclosure Vulnerability <IPAddress> 8443 Workaround: If you don't use this feature, comment out the following lines in your httpd.conf file: