Description

The system displays the applications directories, allowing an attacker to know the content of the files stored on the server.

Impact

- Obtain technical or sensitive information of the files stored in the applications directory. - Collect technical information on the application.

Recommendation

- Disable the configurations of the server that allow to execute directory listing. - Establish index files that will be shown when the directories are loaded.

Threat

External attacker with access to the application.

Expected Remediation Time

⏱️ 15 minutes.

Requirements

Fixes