Summary

Acunetix 360 identified the target web site is using IIS and detected that it is out of date.

Impact

Since this is an old version of the software, it may be vulnerable to attacks.

Remediation

Upgrading IIS to a higher version is not a standalone operation. The IIS version depends heavily on the Windows OS version that you use on your server machine.

If it is not possible to upgrade IIS to a higher version for this type of reason, we strongly recommend that you track and apply the patches that are published by the vendor.

Please note that all updates and patches for IIS come as Windows Updates. Also, you can select which update package(s) will be applied.

Severity

Information

Classification

PCI v3.2-6.2 CAPEC-310 CWE-1035 937 HIPAA-164.308(a)(1)(i) ISO27001-A.14.1.2 OWASP 2013-A9 OWASP 2017-A9