Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Hardik_Patil_66
Explorer

How to mitigate the below Vulnerability

Dear Team,

 

Missing useful HTTP headers :- Cache-control is an HTTP header used to specify browser caching policies in both client requests and server responses. Policies include how a resource is cached, where it’s cached and its maximum age
before expiring (i.e., time to live).

Using known vulnerable components :- Application is using vulnerable JavaScript libraries. One or more vulnerabilities were reported for this version of the library.

Please help us with the solution to mitigate the same. 

0 Kudos
4 Replies
Sorin_Gogean
Advisor

Hello, 

Is the error/vulnerability clear for you "Missing useful HTTP headers :- Cache-control is an HTTP header used to specify browser caching policies in both client requests and server responses."  ?
On the WebServer you're addressing, seems that you don't have configured "Cache-control" headers.

(go over this and maybe you'll get them clarified)

Can you get us a screenshot of the Log where you see this...

Thank you,

0 Kudos
PhoneBoy
Admin
Admin

Please provide more details about the environment and precisely what Check Point products involved (including version/JHF levels) and how.

0 Kudos
Hardik_Patil_66
Explorer

We are having cluster setup on version R81.10 with jumbo hotfix take 79.

0 Kudos
PhoneBoy
Admin
Admin

Still need more information:

  • Who or what exactly is reporting this vulnerability? 
  • What precisely is being scanned? Is it the gateway itself, a device that it's protecting, or something else? What precise tCP ports are being scanned to make this "vulnerable" determination?
  • Please provide an external reference to said vulnerability (e.g. a CVE # or similar) so we can understand the exact nature of it.

If you don't want to post this information publicly, I suggest opening a TAC case.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events