X-Backend-Server Header Information Leak

ID

x_backend_server_header_information_leak

Severity

low

Kind

Information Disclosure

CWE

497

Description

The server is leaking information about backend systems (such as hostnames or IP addresses) through the X-Backend-Server response header. Armed with this information, an attacker may be able to reach those backend systems directly, bypassing the front-end proxy or load balancer, or mount more targeted and efficient attacks against other internal systems.

Rationale

Leaking backend server information through headers exposes internal infrastructure details such as hostnames, IP addresses, or server names that are normally hidden behind load balancers or reverse proxies. Attackers use this information to map the internal network topology, identify specific backend systems to target, bypass security controls by directly attacking exposed servers, or exploit trust relationships between internal systems that assume requests from the load balancer are already authenticated.

Remediation

Ensure that the web server, application server, load balancer or reverse proxy in front of the application is configured to suppress the X-Backend-Server header before responses leave the edge (for example, nginx's proxy_hide_header X-Backend-Server; directive, or Apache mod_headers' Header always unset X-Backend-Server). Verify the fix by requesting the affected page and confirming the header is absent from the response.
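As an added example (not part of this entry and not any scanner's own code), the Python below shows the check a practitioner would run against a captured response for the Rationale and Remediation above: it parses the raw HTTP headers, flags X-Backend-Server together with a few similarly named headers (the extra names are an assumption for illustration), classifies whether the leaked value exposes a private IP address, a public IP address or a hostname, and provides an application-layer fallback that strips those headers when the proxy itself cannot be reconfigured. The sample response is constructed, not captured from any real system.

```python
import ipaddress
import re
from typing import Dict, List, Tuple

# X-Backend-Server is the header this finding covers. The remaining names are
# an assumption added for illustration: other headers that often carry the same
# kind of origin identifier. All are matched case-insensitively.
BACKEND_HEADERS = ("x-backend-server", "x-served-by", "x-backend", "x-origin-server")

# Constructed sample response (not captured from a real system).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: nginx\r\n"
    "X-Backend-Server: app-03.internal.example:8080\r\n"
    "X-Served-By: 10.0.12.7\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html></html>"
)

HOSTNAME_RE = re.compile(
    r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?)*"
)


def parse_headers(raw: str) -> List[Tuple[str, str]]:
    """Split a raw HTTP/1.x response into (name, value) pairs, keeping order and duplicates."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.append((name.strip(), value.strip()))
    return headers


def split_host(value: str) -> str:
    """Strip an optional :port, handling bracketed IPv6 and bare IPv6 correctly."""
    v = value.strip()
    if v.startswith("["):            # "[fd00::1]:8080" -> "fd00::1"
        return v[1:].split("]", 1)[0]
    if v.count(":") == 1:            # "host:8080" -> "host"
        return v.split(":", 1)[0]
    return v                         # hostname, IPv4, or bare IPv6


def classify_value(value: str) -> str:
    """Label what a leaked value reveals: private-ip, public-ip, hostname, or opaque."""
    host = split_host(value)
    try:
        addr = ipaddress.ip_address(host)
        return "private-ip" if addr.is_private else "public-ip"
    except ValueError:
        pass
    if HOSTNAME_RE.fullmatch(host):
        return "hostname"
    return "opaque"


def find_backend_leaks(raw: str) -> List[Dict[str, str]]:
    """Return one finding per backend-identifying header present in the response."""
    findings = []
    for name, value in parse_headers(raw):
        if name.lower() in BACKEND_HEADERS:
            findings.append({"header": name, "value": value, "kind": classify_value(value)})
    return findings


def strip_backend_headers(headers: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Application-layer fallback: drop the leaking headers before the response is sent."""
    return [(n, v) for n, v in headers if n.lower() not in BACKEND_HEADERS]


if __name__ == "__main__":
    for f in find_backend_leaks(SAMPLE_RESPONSE):
        print(f"{f['header']}: {f['value']}  [{f['kind']}]")
    print(strip_backend_headers(parse_headers(SAMPLE_RESPONSE)))
```

A private-ip or hostname result is the case the Rationale describes: the value points at something behind the load balancer. Stripping at the application layer is only a fallback; the header should be removed at the edge so that every backend behind the proxy is covered, including ones that do not run this code.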