Vulnerabilities/

ASP.NET Version Disclosure

Severity:
Informational

Description

The presence of the X-AspNet-Version and X-AspNetMvc-Version headers exposes the version of ASP.NET used by the web server, providing valuable information to attackers. This disclosure can aid attackers in identifying vulnerabilities and planning their attacks more effectively.

Recommendation

To mitigate this issue:

<httpRuntime enableVersionHeader="false" />
MvcHandler.DisableMvcResponseHeader = true;

References

Related Issues

Tags:
HTTP Headers
Information Disclosure
Application Misconfiguration
ASP.NET
Web Server
Anything's wrong? Let us know Last updated on May 13, 2024

Use SmartScanner Free version to test for this issue

Download