- CheckMates
- :
- Products
- :
- General Topics
- :
- HSTS Missing From HTTPS Server - Serv
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HSTS Missing From HTTPS Server - Serv
Our checkpoint gateways is hosted in google cloud environment which uses r80.10. This is our first time to encounter an "HSTS Missing From HTTPS Server" vulnerability which came from the result of our vulnerability scanner. It targets the service 443 which I assume more on the gaia web. Could you kindly assist me on how can I find the configuration of this HSTS in either management server or gateway. Has anyone also tried to fix this in your checkpoint that are hosted also in a cloud environment.
- Tags:
- HSTS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Install the latest jumbo hotfix, which includes this configuration, or upgrade to a later version.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Missing HSTS is a cosmetic issue here. Gaia only allows HTTPS TLS connectivity in any case. However, if you want it fixed, please follow @PhoneBoy's directions
