Information Leakage / HTTP Trace Method Is Enabled
"HTTP TRACE method is enabled" is a type of Information Leakage vulnerability that can occur in web and API applications. It occurs when a web server is configured to allow HTTP TRACE requests. The method exists for debugging and troubleshooting web-based applications: the server echoes the request it received, headers included, back in the response body. If it is enabled, attackers can use it to obtain sensitive data such as cookies and passwords. According to the CWE directory (CWE-918), this vulnerability is caused by Insufficiently Protected Credentials. It is also listed in the OWASP Testing Guide under Test Vectors (A2-Trace).
This vulnerability can lead to serious security issues, as attackers can obtain sensitive data from the server. An attacker can exploit this vulnerability to gain access to confidential information, which may lead to further exploitation of the system. The risk assessment for this vulnerability is HIGH, as the data obtained from this vulnerability can be used to gain access to the application and launch further attacks.
The best way to mitigate this vulnerability is to disable the HTTP TRACE method on the server. This can be done by modifying the configuration files of the web server, and setting the "TraceEnable" value to "Off". Additionally, there are certain security headers that can be used to prevent the TRACE method from being used, such as "X-Frame-Options" and "X-XSS-Protection".
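Below is an example of how to disable the TRACE method in the Apache server.
# TraceEnable is a core directive, so it sits outside the mod_headers
# block and still applies when mod_headers is not loaded.
TraceEnable off
<IfModule mod_headers.c>
    # Security headers added to every response
    Header set X-Frame-Options: "deny"
    Header set X-XSS-Protection: "1; mode=block"
</IfModule>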