Fluid Attacks Database

Description

Detects information disclosure vulnerabilities where a web application reveals its ASP.NET framework version through the X-AspNet-Version HTTP header. Exposing version information helps attackers identify vulnerable ASP.NET versions to target known security weaknesses.

Weakness:

235 - Technical information leak - Headers

Category: Information Collection

Detection Strategy

• Examines HTTP response headers from the web application

• Triggers a vulnerability report if the X-AspNet-Version header is present in the response

• Reports the exact header location and value to identify where sensitive version information is being leaked

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.