Summary

Acunetix 360 identified a version disclosure (GeoServer) in the target web server's HTTP response. GeoServer is an open source server for sharing geospatial data.

Impact

An attacker might use the disclosed information to look up security vulnerabilities that are specific to the identified version.

Remediation

Restrict access to the /geoserver/web/? path on the web server where Jolokia is deployed.

Severity

Low

Classification

CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6