AnsweredAssumed Answered

Need Guidance on QID 11828

Question asked by Gerard Rodolfo on Feb 14, 2018
Latest reply on Feb 20, 2018 by Gerard Rodolfo

It shows severity level 4 on an exposed Web Configuration File. The configuration file that showed up on our vulnerability scan does not contain any sensitive data. Is it possible to downgrade the severity level in our environment? We tried a redirect in our Apache config file but without success. It's related to a Cognos application server but even our Cognos consultant who implemented it does not have a clue. Should we just create a variance or downgrade the severity?

Outcomes