Details

Alert ID: 40025-1
Alert Type: Active
Status: beta
Risk: High
CWE: 204
WASC: 45
Technologies Targeted: All
Tags: CWE-204, OWASP_2017_A06, OWASP_2021_A05, OWASP_2025_A02, POLICY_PENTEST, SYSTEMIC
More Info: Scan Rule Help

Summary

1 proxy server was detected or fingerprinted. This information helps a potential attacker to determine:

  • A list of targets for an attack against the application.
  • Potential vulnerabilities on the proxy servers that service the application.
  • The presence or absence of any proxy-based components that might cause attacks against the application to be detected, prevented, or mitigated.

Solution

Disable the 'TRACE' method on the proxy servers, as well as on the origin web/application server. Disable the 'OPTIONS' method on the proxy servers, as well as on the origin web/application server, if it is not required for other purposes, such as 'CORS' (Cross Origin Resource Sharing). Configure the web and application servers with custom error pages, to prevent 'fingerprintable' product-specific error pages from being leaked to the user in the event of HTTP errors, such as 'TRACK' requests for non-existent pages. Configure all proxies, application servers, and web servers to prevent disclosure of technology and version information in the 'Server' and 'X-Powered-By' HTTP response headers.

Other Info

Using the TRACE, OPTIONS, and TRACK methods, the following proxy servers have been identified between ZAP and the application/web server:

  • nginx/1.22

The following web/application server has been identified:

  • Apache/2.4.58

The 'TRACE' method is enabled on one or more of the proxy servers, or on the origin server. This method leaks all information submitted from the web browser and proxies back to the user agent. This may facilitate 'Cross Site Tracing' attacks.

Code

org/zaproxy/zap/extension/ascanrulesBeta/ProxyDisclosureScanRule.java