[jira] [Updated] (RANGER-5418) Development to Disable Server Version Disclosure in HTTP Responses for Ranger KMS

Bhavesh Amre (Jira) Tue, 09 Dec 2025 22:26:08 -0800


     [ 
https://issues.apache.org/jira/browse/RANGER-5418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Bhavesh Amre updated RANGER-5418:
---------------------------------
    Description: 
Ranger KMS is currently exposing the Tomcat server version in HTTP response 
headers. This leads to information disclosure and can help attackers identify 
underlying platform vulnerabilities.

The goal is to disable or hide the server version in all HTTP responses from 
Ranger KMS to improve security and comply with best practices.

> Development to Disable Server Version Disclosure in HTTP Responses for Ranger 
> KMS
> ---------------------------------------------------------------------------------
>
>                 Key: RANGER-5418
>                 URL: https://issues.apache.org/jira/browse/RANGER-5418
>             Project: Ranger
>          Issue Type: Sub-task
>          Components: kms
>    Affects Versions: 3.0.0
>            Reporter: Bhavesh Amre
>            Assignee: Bhavesh Amre
>            Priority: Minor
>
> Ranger KMS is currently exposing the Tomcat server version in HTTP response 
> headers. This leads to information disclosure and can help attackers identify 
> underlying platform vulnerabilities.
> The goal is to disable or hide the server version in all HTTP responses from 
> Ranger KMS to improve security and comply with best practices.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (RANGER-5418) Development to Disable Server Version Disclosure in HTTP Responses for Ranger KMS

Reply via email to