H3-2022-0060
Spring Boot Env Actuator Exposed
Category | SECURITY_MISCONFIGURATION |
Base Score | 4.5 |
Description
Spring Boot includes a number of built-in endpoints which let you monitor and interact with your application.
Impact
The Env actuator provides access to the configuration environment and should never be exposed in a production environment.