
PCI Security Scan Failure

Posted: Mon Oct 15, 2018 11:24 am
by calvis
Hi There,

We are all of a sudden failing our PCI Security Scan with Security Metrics. Nothing has changed other than forcing our store to use https. Anyone know what the culprit might be? It's leaking our private IP address in the headers.

This is the error message I am getting.

Title:
Web Server HTTP Header Internal IP Disclosure
Synopsis:
This web server leaks a private IP address through its HTTP headers.
Impact:
This may expose internal IP addresses that are usually hidden or masked
behind a Network Address Translation (NAT) Firewall or proxy server.
There is a known issue with Microsoft IIS 4.0 doing this in its default
configuration. This may also affect other web servers, web applications,
web proxies, load balancers and through a variety of misconfigurations
related to redirection. See also : http://www.nessus.org/u?fe24f941
http://support.microsoft.com/default.as ... US;Q218180
http://support.microsoft.com/default.as ... -US;834141
Resolution:
None
Data Received:
When processing the following request: GET / HTTP/1.0
this web server leaks the following private IP address: 10.100.0.200
as found in the following collection of HTTP headers:
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html; charset=utf-8
    Location: https://10.100.0.200/
    Server: Microsoft-IIS/8.5
    X-Powered-By: ASP.NET
    Date: Thu, 11 Oct 2018 23:14:20 GMT
    Connection: close
    Content-Length: 138
CVE: CVE-2000-0649    Score: 4.0    Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N)
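The scanner's own data above shows what is being flagged: the HTTP-to-HTTPS redirect answers with a Location header built from the server's internal address (10.100.0.200) instead of the store's public hostname. The following added example (not part of the original post, and not Security Metrics' or IIS's code) reproduces that check so it can be re-run after any configuration change: it parses a raw HTTP response, pulls every IPv4 address out of the headers, and reports those that fall in RFC 1918, loopback or link-local ranges. The embedded response is a constructed copy of the one quoted in the scan report. The `probe()` function sends the request line shown in the report (`GET / HTTP/1.0`) with no Host header, which is an assumption about how the scanner triggers the leak; it needs network access and is not exercised by the offline sample.

```python
import ipaddress
import re
import socket

# Constructed sample: the response quoted in the scan report, not a live capture.
SAMPLE_RESPONSE = (
    "HTTP/1.1 301 Moved Permanently\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Location: https://10.100.0.200/\r\n"
    "Server: Microsoft-IIS/8.5\r\n"
    "X-Powered-By: ASP.NET\r\n"
    "Date: Thu, 11 Oct 2018 23:14:20 GMT\r\n"
    "Connection: close\r\n"
    "Content-Length: 138\r\n"
    "\r\n"
)

# Dotted-quad candidates; octet range is validated by ipaddress below.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def parse_headers(raw):
    """Split a raw HTTP response into (status_line, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    status = lines[0]
    headers = []
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip(), value.strip()))
    return status, headers


def find_private_ips(raw):
    """Return [(header_name, ip)] for each private/loopback/link-local
    IPv4 address that appears in any response header value."""
    _, headers = parse_headers(raw)
    hits = []
    for name, value in headers:
        for candidate in IPV4_RE.findall(value):
            try:
                ip = ipaddress.IPv4Address(candidate)
            except ipaddress.AddressValueError:
                continue  # e.g. 999.1.1.1 looks like an IP but is not one
            if ip.is_private or ip.is_loopback or ip.is_link_local:
                hits.append((name, str(ip)))
    return hits


def probe(host, port=80, timeout=5):
    """Send an HTTP/1.0 GET / with no Host header (assumed to match the
    scanner's request) over a raw socket and return the raw response text."""
    request = b"GET / HTTP/1.0\r\n\r\n"
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("latin-1")


if __name__ == "__main__":
    # Offline run against the constructed sample; swap in probe("shop.example.com")
    # (hypothetical hostname) to test a live server.
    status, _ = parse_headers(SAMPLE_RESPONSE)
    print(status)
    for header, ip in find_private_ips(SAMPLE_RESPONSE):
        print(f"private IP {ip} leaked in header: {header}")
```

A clean result after the fix should show the Location header pointing at the public hostname and `find_private_ips()` returning an empty list; the leak is only resolved when the redirect target no longer depends on the address the server is bound to.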