Path based vulnerability in java spring application

Asked Oct 19 '19 at 12:24

Active Oct 19 '19 at 12:24

Viewed 393 times

Below content related to qualys scanned report : Kindly suggest how I need to resolve the path based vulnerability of application what we need to add ,

WASC WASC-15 APPLICATION MISCONFIGURATION

WASC-16 DIRECTORY INDEXING

WASC-17 IMPROPER FILESYSTEM PERMISSIONS

Times Detected 3

CVSS Base 2.1 CVSS Temporal1.9

Details

Threat

A potentially sensitive file, directory, or directory listing was discovered on the Web server.

Impact

The contents of this file or directory may disclose sensitive information.

Solution

Verify that access to this file or directory is permitted. If necessary, remove it or apply access controls to it.

asked Oct 19 '19 at 12:24

Santosh Vastrad

Show the the code which is complained – Nghia Do Oct 19 '19 at 12:42
What's your Web server? Are you using Springboot? – verisimilitude Oct 19 '19 at 13:15
https://stackoverflow.com/questions/44254804/spring-boot-tomcat-enable-disable-directory-listing - Springboot configuration to disable directory listing – verisimilitude Oct 19 '19 at 13:19
https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing - apache Httpd server – verisimilitude Oct 19 '19 at 13:20
There are similar configurations available for all Web Servers. If you would provide more info on your setup, we can help you better. – verisimilitude Oct 19 '19 at 13:22
Spring boot ,webspher server using – Santosh Vastrad Oct 20 '19 at 04:06

Path based vulnerability in java spring application

0 Answers0