DevTest 10.2 Vulnerabilities - HTTP Strict Transport, Leak Sensitive Info, Clickjacking

Article Id: 103094

Status: Published

Updated On: 13-07-2018 07:26

Products:

CA Application Test , Service Virtualization , CA Continuous Application Insight (PathFinder)

Issue/Introduction:

Vulnerabilities Reported:
Application Does Not Use HTTP Strict Transport Security
Error Messages Leak Sensitive Implementation Details to User
Response Header Leaks Sensitive Server Information
Web Application Is Vulnerable to Clickjacking

Environment:

DevTest 10.2.4

Resolution:

Open a new support case and refer to defect DE352026.