This article is a part of our Web Security Knowledge Base (back to index)

Why X-AspNet-Version Response Header Scanner can be dangerous

The ‘X-AspNet-Version’ header in HTTP response leaks technical information about a system to potential attackers.

How to fix X-AspNet-Version Response Header Scanner

To increase the security of an application you need to disclose as little information about the system as possible. The best way to do so is to configure the server not to return ‘X-AspNet-Version’ header in HTTP response.

How does ScanRepeat report X-AspNet-Version Response Header Scanner

ScanRepeat checks every HTTP response looking for ‘X-AspNet-Version’ and ‘X-AspNetMvc-Version’ headers. It reports every occurrence of those headers along with the request URL.

Would you like to test your application now against this problem? Sign up for our free trial

Scan Your Web App Now
Scan your application
for 14 days for free

No credit card is required. No commitment.

Sign Up Free