Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gaurav_Pandya
Advisor

HTTP Header vulnerabilities in the Mobile Access Portal

Hi,

Compliance scan report detected HTTP Header vulnerabilities in the Mobile Access Portal, mainly for X-XSS protection. I was checking sk138813 where we need to edit $CVPNDIR/conf/httpd.conf  file. 

We are running on R81.10 and in that sk138813, it is given till R80.40. So my question is, same procedure I need to apply for R81.10 as well?

 

 

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

Believe it would be the same procedure 

0 Kudos
Gaurav_Pandya
Advisor

Thanks, will do

0 Kudos
Pedro_Madeira
Contributor

Hello @Gaurav_Pandya 

Did you apply this SK on top of R81.20 already? I tried them back in R81.10 and it worked fine but now when I applied them in R81.20 I had SNX random disconnects from users.

 

Thanks,

PM

0 Kudos
Gaurav_Pandya
Advisor

Hi Pedro,

Same here, we are facing SNX issue after upgrading to R81.20. We tried take 43 & 41 but no luck. TAC is opened for the same.

Pedro_Madeira
Contributor

Hello @Gaurav_Pandya 

Thanks for your reply.

In the service request we have opened with TAC, we pointed them to this threat to see if both service request assigned engineers could talk between them and exchange notes. Since you're experiencing the same problem, it's not something unique on our end.

so perhaps R&D needs to take a look at this.

If I have any news on my side, I will let you know.

 

Thank you,

Pedro Madeira

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events