Browsable Web Directories

Medium Nessus Plugin ID 40984

Synopsis

Some directories on the remote web server are browsable.

Description

Multiple Nessus plugins identified directories on the web server that are browsable.

Solution

Make sure that browsable directories do not leak confidential informative or give access to sensitive resources. Additionally, use access restrictions or disable directory indexing for any that do.

See Also

http://www.nessus.org/u?0a35179e

Plugin Details

Severity: Medium

ID: 40984

File Name: browsable_web_dir.nasl

Version: Revision: 1.8

Type: remote

Family: CGI abuses

Published: 2009/09/15

Updated: 2016/12/30

Dependencies: 67257, 10604, 10704

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N