| VID |
22259 |
| Severity |
20 |
| Port |
80 |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The target Web server appears to be a Web load balancer and to reveal real IP addresses.
The Web Load Balancer is a cross-web server, cross-platform web request dispatcher that distributes the requests from the client browsers among several back-end servers, while keeping session information. The target Web server allows remote attackers to determine the real IP address of a web server in the load balanced pool.
* Platforms Affected:
Any Operating System Any version |
| Recommendation |
Use web configuration to hide information disclosure, such as changing the address to the virtual IP address. Or consider replacing the affected load balancer to others without real IP revealing vulnerability. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
