Vulnerability
The Spring boot Actuator enables you to monitor and control application consumption in a production environment without requiring any coding or configuration. Several sub-endpoints, such as env, health, and metrics, are available in the Actuator. If env endpoint is enabled in production it will expose our sensitive information such as passwords, private keys etc.
Mitigation / Precaution
Give proper permission for these files
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
