
Cache Management: Insecure Policy Vulnerability in Spectrum


Article ID: 199023




CA Spectrum CA eHealth


A vulnerability scanner found a Cache Management: Insecure Policy vulnerability in OneClick.



Release : 10.4

Component : Spectrum OneClick


To secure OneClick and protect against the attack, use the following procedure to prevent the Cache Management: Insecure Policy finding:
Edit $SPECROOT/tomcat/conf/web.xml
Find the httpHeaderSecurity filter, as given below:

<!-- The mapping for the HTTP header security Filter -->


Now add the filters as given below:
   <!-- 1 DAY -->
After modification, web.xml will look as below:

Note: The ExpiresFilter A86400 value defines, in seconds, the amount of time it takes for a cached copy of a resource to expire.

After expiring, a browser must refresh its version of the resource by sending another request to a server.

Save web.xml

Restart Spectrum Tomcat Service
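
A check for this procedure, added here as an example and not taken from the original article: it parses a web.xml and confirms that Tomcat's ExpiresFilter is declared, carries an A<seconds> lifetime and has a filter-mapping, so it can be re-run after an upgrade. The embedded web.xml is a constructed sample; the filter name, the ExpiresDefault parameter and the /* mapping are assumptions rather than the article's values.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample (not the article's snippet). Assumed here: the filter name,
# the ExpiresDefault parameter and the /* mapping. The class name is Tomcat's.
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <filter>
    <filter-name>ExpiresFilter</filter-name>
    <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
    <init-param>
      <param-name>ExpiresDefault</param-name>
      <param-value>A86400</param-value> <!-- 1 DAY -->
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>ExpiresFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>"""
EXPIRES_CLASS = "org.apache.catalina.filters.ExpiresFilter"

def _text(elem, name):
    # Text of the first child called `name`, ignoring any XML namespace.
    for child in elem:
        if child.tag.rsplit("}", 1)[-1] == name:
            return (child.text or "").strip()
    return None

def audit_expires_filter(web_xml_text):
    """Return (findings, lifetimes); findings is empty when the filter is usable."""
    root = ET.fromstring(web_xml_text)
    declared, mapped, lifetimes = set(), set(), {}
    for el in root:
        kind = el.tag.rsplit("}", 1)[-1]
        if kind == "filter" and _text(el, "filter-class") == EXPIRES_CLASS:
            declared.add(_text(el, "filter-name"))
            for ip in (c for c in el if c.tag.endswith("init-param")):
                m = re.fullmatch(r"[AaMm](\d+)", _text(ip, "param-value") or "")
                if m:  # A<seconds>/M<seconds> form only; other forms are not parsed
                    lifetimes[_text(ip, "param-name")] = int(m.group(1))
        elif kind == "filter-mapping":
            mapped.add(_text(el, "filter-name"))
    findings = []
    if not declared:
        findings.append("ExpiresFilter is not declared")
    elif not declared & mapped:
        findings.append("ExpiresFilter is declared but has no filter-mapping")
    if declared and not lifetimes:
        findings.append("no Expires* init-param with an A<seconds> value")
    return findings, lifetimes
```

Pass the contents of $SPECROOT/tomcat/conf/web.xml to audit_expires_filter(); an empty findings list means the filter is declared, mapped and has a parsable lifetime.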

Additional Information

When upgrading Spectrum in the future, it is likely that the changes to the web.xml file will be lost. You will need to add these changes back after the upgrade is complete.