There is a Module mod_status in Apache server which allows a server administrator to find out how well their server is performing. Researchers found Apache Server-Status Enabled on some popular site like php.net, cisco, nba.com, Cloudflare, Metacafe, Ford, yellow.com and others. The main security risk of using this module is only Information disclosure which includes infomation such as Server uptime, Individual request-response statistics and CPU usage of the working processes. That could give a potential attacker information about how to attack the web server.
Source: https://thehackernews.com/2012/10/researchers-found-apache-server-status.html