A Qualys scan claims the Web Gateway is vulnerable when the proxy is enabled.

Article ID: 164031

Products

Web Gateway

Issue/Introduction

When you scan the Web Gateway with Qualys, the report shows vulnerabilities with QIDs 62026 and 62035 regarding the CONNECT method.

Cause

Qualys considers this a vulnerability due to the possibility of the CONNECT method being used as a reverse proxy and traversing your internal network. The CONNECT method is required for the SWG proxy to support HTTPS.

Resolution

There should be a perimeter firewall in front of the Web Gateway that blocks requests from the Internet on the proxy port, so that proxy requests cannot arrive from the outside. In addition, you can disable the CONNECT method by enabling the 'Block SSL Traffic on HTTP Port(s)' option on the Proxy tab and using the SSL Deep Inspections proxy function for this.
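
One way to confirm the result after applying the resolution, as an added example (not vendor code): send a single CONNECT request to the proxy port and classify the reply. The function names, the placeholder target `example.com:443` and the loopback stub proxy are assumptions made for illustration.

```python
import socket
import threading

def classify_connect_reply(raw: bytes) -> str:
    """Map a proxy's reply to a CONNECT request onto a finding."""
    if not raw:
        return "closed"  # connection dropped without an HTTP reply
    parts = raw.split(b"\r\n", 1)[0].decode("latin-1").split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        return "unparseable"
    code = int(parts[1])
    if 200 <= code < 300:
        return "tunnel-allowed"  # the behaviour the scanner reports
    return "auth-required" if code == 407 else "refused"

def probe_connect(proxy_host, proxy_port, target="example.com:443", timeout=5.0):
    """Send one CONNECT request to the proxy port and classify the reply."""
    request = f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n".encode("ascii")
    try:
        sock = socket.create_connection((proxy_host, proxy_port), timeout=timeout)
    except OSError:
        return "unreachable"  # expected from outside once the firewall blocks the port
    with sock:
        try:
            sock.sendall(request)
            raw = sock.recv(4096)
        except OSError:
            return "closed"
    return classify_connect_reply(raw)

def start_stub_proxy(reply: bytes) -> int:
    """Constructed loopback stand-in for a proxy: answers one request with `reply`."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            conn.recv(4096)
            conn.sendall(reply)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed replies; a real check targets your own gateway's proxy port.
    for reply in (b"HTTP/1.1 200 Connection established\r\n\r\n",
                  b"HTTP/1.1 403 Forbidden\r\n\r\n"):
        port = start_stub_proxy(reply)
        print(reply.split(b"\r\n")[0].decode(), "->", probe_connect("127.0.0.1", port))
```

Run from outside the perimeter against your own gateway, `unreachable` is the expected result once the firewall blocks the proxy port; from inside, `refused` on the HTTP proxy port indicates CONNECT is no longer accepted there.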