This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gaurav_Pandya
Advisor
‎2022-09-12 09:26 AM

HTTP Header vulnerabilities in the Mobile Access Portal

Hi,

Compliance scan report detected HTTP Header vulnerabilities in the Mobile Access Portal, mainly for X-XSS protection. I was checking sk138813 where we need to edit $CVPNDIR/conf/httpd.conf  file. 

We are running on R81.10 and in that sk138813, it is given till R80.40. So my question is, same procedure I need to apply for R81.10 as well?

 

 

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2022-09-12 10:39 AM

Believe it would be the same procedure 

0 Kudos
Gaurav_Pandya
Advisor
‎2022-09-14 04:30 AM
In response to PhoneBoy

Thanks, will do

0 Kudos
Pedro_Madeira
Collaborator
‎2024-04-01 07:27 AM
In response to Gaurav_Pandya

Hello @Gaurav_Pandya 

Did you apply this SK on top of R81.20 already? I tried them back in R81.10 and it worked fine but now when I applied them in R81.20 I had SNX random disconnects from users.

 

Thanks,

PM

0 Kudos
Gaurav_Pandya
Advisor
‎2024-04-03 04:20 AM
In response to Pedro_Madeira

Hi Pedro,

Same here, we are facing SNX issue after upgrading to R81.20. We tried take 43 & 41 but no luck. TAC is opened for the same.

Pedro_Madeira
Collaborator
‎2024-04-03 04:28 AM
In response to Gaurav_Pandya

Hello @Gaurav_Pandya 

Thanks for your reply.

In the service request we have opened with TAC, we pointed them to this threat to see if both service request assigned engineers could talk between them and exchange notes. Since you're experiencing the same problem, it's not something unique on our end.

so perhaps R&D needs to take a look at this.

If I have any news on my side, I will let you know.

 

Thank you,

Pedro Madeira

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events