ELMAH (Error Logging Modules and Handlers) Remotely Accessible

medium Nessus Plugin ID 73317

Synopsis

The web server hosts a remotely accessible error logging application.

Description

The remote web server hosts ELMAH, an error logging application used with ASP.NET web applications. The elmah.axd script was accessed remotely without authentication. The detailed information it returns could give a remote, unauthenticated attacker sensitive data that could be used to launch further attacks.

Solution

Restrict access to elmah.axd.
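
One way to apply this restriction in the application's web.config, following the approach in the SecuringErrorLogPages wiki page linked under See Also. This is an added example, not part of the plugin output; the role name "admin" is an assumption and must be replaced with a role or user list that exists in your application.

```xml
<!-- Added example: web.config fragment for an ASP.NET application using ELMAH.
     The role name "admin" is an assumption; substitute your own role or users. -->
<configuration>
  <configSections>
    <sectionGroup name="elmah">
      <section name="security" requirePermission="false"
               type="Elmah.SecuritySectionHandler, Elmah" />
    </sectionGroup>
  </configSections>

  <elmah>
    <!-- Weak:     allowRemoteAccess="1" lets remote clients request elmah.axd.
         Hardened: allowRemoteAccess="0" serves the log to local requests only. -->
    <security allowRemoteAccess="0" />
  </elmah>

  <!-- If the log must be viewed remotely, set allowRemoteAccess="1" and rely on
       the authorization rules below. Registering the handler inside <location>
       keeps every request it serves under those rules. -->
  <location path="elmah.axd">
    <system.web>
      <httpHandlers>
        <add verb="POST,GET,HEAD" path="elmah.axd"
             type="Elmah.ErrorLogPageFactory, Elmah" />
      </httpHandlers>
      <authorization>
        <allow roles="admin" />  <!-- assumed role name -->
        <deny users="*" />       <!-- everyone else, including anonymous -->
      </authorization>
    </system.web>
    <system.webServer>
      <handlers>
        <add name="ELMAH" verb="POST,GET,HEAD" path="elmah.axd"
             type="Elmah.ErrorLogPageFactory, Elmah"
             preCondition="integratedMode" />
      </handlers>
    </system.webServer>
  </location>
</configuration>
```

After deploying, an unauthenticated request for elmah.axd from another host should no longer return the error log, and a rescan with this plugin should come back clean.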

See Also

https://code.google.com/archive/p/elmah

https://code.google.com/archive/p/elmah/wikis/SecuringErrorLogPages.wiki

Plugin Details

Severity: Medium

ID: 73317

File Name: elmah_accessible.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 4/3/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: x-cpe:/a:elmah:elmah

Required KB Items: www/ASP

Excluded KB Items: Settings/disable_cgi_scanning