Azure Application Gateway Proxy Disclosure

Michele Palese 11 Reputation points
2020-10-23T13:17:36.123+00:00

The Azure Application Gateway WAF V2 is vulnerable to Sensitive Data Exposure, because it responds with a Server header equal to Microsoft-Azure-Application-Gateway/v2 if it is invoked with the HTTP TRACE method and a Max-Forwards header of 0. This information helps a potential attacker to determine

  • A list of targets for an attack against the application.
  • Potential vulnerabilities on the proxy servers that service the application.
  • The presence or absence of any proxy-based components that might cause attacks against the application to be detected, prevented, or mitigated.

as described in OWASP.

Is there any way to avoid this and thus be OWASP compliant?


1 answer

TravisCragg-MSFT 5,676 Reputation points Microsoft Employee
2020-10-24T00:43:15.027+00:00

It is possible to remove this header from Application Gateway responses using Header ReWrites.

If the 'Server' header is the one you would like to remove, create a rewrite action that removes that header:

[Screenshot: rewrite action in the portal that removes the Server response header]
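The following script is an added example, not code from the question or the answer above. It does two things a practitioner would want around that answer: it reproduces the probe from the report (TRACE with Max-Forwards: 0) and checks the returned head for a Server header, and it applies the rewrite action the answer describes with the Azure CLI instead of the portal. The rule-set name strip-server-header, the rule name remove-server, the routing-rule argument and the two sample response heads are all made up for the example; it also assumes that an empty value in --response-headers (Server=) is the CLI spelling of the portal's "delete header" action, so confirm that against `az network application-gateway rewrite-rule create --help` for your CLI version. Header names are compared case-insensitively, since a gateway is free to emit `server:` in any case.

```shell
#!/bin/sh
# Added example (not from the Q&A thread): detect the Server header disclosure
# described in the question and apply the header-rewrite fix from the answer.
# Assumptions (not from the page): the names strip-server-header, remove-server,
# the sample response heads, and that "Server=" (empty value) is the CLI form of
# a delete-header rewrite action.

# server_header_value RAW_HEAD
#   Prints the value of the first Server header in a raw response head (status
#   line plus headers, CRLF or LF) and returns 0; prints nothing and returns 1
#   if the header is absent. Header names are matched case-insensitively.
server_header_value() {
    printf '%s\n' "$1" | tr -d '\r' | awk '
        !found && tolower($0) ~ /^server:/ {
            sub(/^[^:]*:[ \t]*/, "")   # drop the "Server:" name and leading blanks
            sub(/[ \t]+$/, "")         # drop trailing blanks
            print
            found = 1
        }
        END { exit !found }'
}

# probe_trace HOST
#   Sends the request from the report: TRACE with Max-Forwards: 0, which asks
#   the first hop (the gateway) to answer itself rather than forward. Prints
#   only the response head, which can be fed to server_header_value.
probe_trace() {
    curl -sS -X TRACE -H 'Max-Forwards: 0' -D - -o /dev/null \
        --max-time 10 "https://$1/"
}

# apply_server_header_rewrite RESOURCE_GROUP GATEWAY ROUTING_RULE
#   Creates a rewrite rule set holding one response-header action that deletes
#   Server, then attaches the set to an existing request routing rule.
apply_server_header_rewrite() {
    rg=$1; gw=$2; routing_rule=$3
    az network application-gateway rewrite-rule set create \
        --resource-group "$rg" --gateway-name "$gw" --name strip-server-header
    # Assumption: HEADER= with an empty value is how the CLI expresses the
    # portal's "delete header" rewrite action.
    az network application-gateway rewrite-rule create \
        --resource-group "$rg" --gateway-name "$gw" \
        --rule-set-name strip-server-header --name remove-server \
        --sequence 100 --response-headers 'Server='
    az network application-gateway rule update \
        --resource-group "$rg" --gateway-name "$gw" --name "$routing_rule" \
        --rewrite-rule-set strip-server-header
}

# Constructed sample response heads (not real captures; the status line is
# illustrative). BEFORE is what the report describes; AFTER is the same
# response once the rewrite action has removed Server.
SAMPLE_BEFORE=$(printf 'HTTP/1.1 200 OK\r\nServer: Microsoft-Azure-Application-Gateway/v2\r\nDate: Fri, 23 Oct 2020 13:17:36 GMT\r\nContent-Length: 0\r\n')
SAMPLE_AFTER=$(printf 'HTTP/1.1 200 OK\r\nDate: Fri, 23 Oct 2020 13:17:36 GMT\r\nContent-Length: 0\r\n')

case "${1:-}" in
    probe)   # usage: ./check.sh probe gateway.example.com
        head=$(probe_trace "$2")
        if value=$(server_header_value "$head"); then
            echo "Server header disclosed: $value"
        else
            echo "no Server header in response"
        fi ;;
    apply)   # usage: ./check.sh apply <resource-group> <gateway> <routing-rule>
        apply_server_header_rewrite "$2" "$3" "$4" ;;
    *)       # no arguments: run the check against the constructed samples
        if value=$(server_header_value "$SAMPLE_BEFORE"); then
            echo "before rewrite: Server header disclosed: $value"
        fi
        if server_header_value "$SAMPLE_AFTER" >/dev/null; then
            echo "after rewrite: Server header still present"
        else
            echo "after rewrite: Server header absent"
        fi ;;
esac
```

Run the probe before and after attaching the rule set; the header should be present only in the first run. Removing the header hides which product answers the request but does not by itself address the concern in the question about a proxy answering TRACE, so treat it as defence in depth rather than a complete fix.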