If the port is proxied to something else, maybe by a load balancer, then
disclosing the IP address in an HTTP header could be an issue. The scanner
doesn't know whether the port is proxied elsewhere.
On 2/14/22, 8:29 AM, "matthew sporleder" <msporle...@gmail.com> wrote:
CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and are
confident the content is safe.
So you scanned an internal IP address and somehow disclosed the
internal IP address?
On Mon, Feb 14, 2022 at 4:36 AM Anchal Sharma2 <anchs...@in.ibm.com> wrote:
>
> Hi All,
>
> We have got following vulnerability on port where apache solr is running
on few of our servers .Does anyone have any ideas/suggestions on how to
mitigate this ?
> Vulnerability -> Web Server HTTP Header Internal IP Disclosure 8983
>
> Thanks
> Anchal Sharma
