Details | |
---|---|
Alert ID | 40042 |
Alert Type | Active |
Status | release |
Risk | Medium |
CWE | 215 |
WASC | 13 |
Technologies Targeted |
Language / Java Language / Java / Spring |
Tags |
CWE-215 OWASP_2017_A05 OWASP_2021_A01 POLICY_API POLICY_QA_FULL WSTG-V42-CONF-05 |
More Info |
Scan Rule Help |
Summary
Spring Actuator for Health is enabled and may reveal sensitive information about this application. Spring Actuators can be used for real monitoring purposes, but should be used with caution as to not expose too much information about the application or the infrastructure running it.