Web Server Error Page Information Disclosure

Medium Nessus Plugin ID 88490


The remote web server discloses information via a default error page.


The default error page sent by the remote web server discloses information that can aid an attacker, such as the server version and languages used by the web server.


Modify the web server to not disclose detailed information about the underlying web server, or use a custom error page instead.

Plugin Details

Severity: Medium

ID: 88490

File Name: pci_www_error_page_info_disclosure.nasl

Version: $Revision: 1.3 $

Type: remote

Family: Web Servers

Published: 2016/01/29

Modified: 2018/01/22

Dependencies: 39446, 10107, 48204, 58363

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N


Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Required KB Items: Settings/ParanoidReport