Cache Management Insecure Policy Vulnerability in Spectrum
Article ID: 199023
A vulnerability scanner reported a Cache Management: Insecure Policy vulnerability in OneClick.
Release : 10.4
Component : Spectrum OneClick
To secure OneClick against the Cache Management: Insecure Policy finding, use the following procedure.
Find the httpHeaderSecurity filter, as shown below:
<!-- The mapping for the HTTP header security Filter -->
Now add the filters as shown below:
<!-- 1 DAY -->
After the modification, web.xml will look like the following:
Note: The ExpiresFilter A86400 value defines, in seconds, the amount of time it takes for a cached copy of a resource to expire.
After expiring, a browser must refresh its version of the resource by sending another request to a server.
Restart the Spectrum Tomcat service.
When upgrading Spectrum in the future, it is likely that the changes to the web.xml file will be lost. You will need to add these changes back after the upgrade is complete.
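Because the web.xml edits can be lost on upgrade, a check like the following can confirm they are still in place. It is an added example, not part of the original article: it verifies that a Tomcat ExpiresFilter is declared and mapped, and decodes `A<seconds>` values such as A86400. The sample web.xml, the `ExpiresDefault` parameter and the name `check_expires_filter` are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

EXPIRES_CLASS = "org.apache.catalina.filters.ExpiresFilter"

# Constructed sample (assumption, not the product's shipped web.xml).
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <filter>
    <filter-name>ExpiresFilter</filter-name>
    <filter-class>org.apache.catalina.filters.ExpiresFilter</filter-class>
    <init-param>
      <param-name>ExpiresDefault</param-name>
      <param-value>A86400</param-value> <!-- 1 DAY -->
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>ExpiresFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
</web-app>"""

def _local(tag):  # strip the XML namespace so any web.xml schema version matches
    return tag.rsplit("}", 1)[-1]

def _text(elem, name):  # text of the first direct child called `name`, else ""
    return next(((c.text or "").strip() for c in elem if _local(c.tag) == name), "")

def check_expires_filter(web_xml_text):
    """Report whether an ExpiresFilter is declared, mapped, and its lifetimes."""
    root = ET.fromstring(web_xml_text)
    out = {"declared": False, "mapped": False, "expiry_seconds": {}, "unparsed": {}}
    names = set()
    for flt in (e for e in root if _local(e.tag) == "filter"):
        if _text(flt, "filter-class") != EXPIRES_CLASS:
            continue
        out["declared"] = True
        names.add(_text(flt, "filter-name"))
        for p in (e for e in flt if _local(e.tag) == "init-param"):
            key, val = _text(p, "param-name"), _text(p, "param-value")
            if not key.startswith(("ExpiresDefault", "ExpiresByType")):
                continue
            # A<seconds> counts from access time, M<seconds> from modification.
            m = re.fullmatch(r"[AaMm](\d+)", val)
            bucket = "expiry_seconds" if m else "unparsed"
            out[bucket][key] = int(m.group(1)) if m else val
    out["mapped"] = any(_local(e.tag) == "filter-mapping"
                        and _text(e, "filter-name") in names for e in root)
    return out
```

Values written in the verbose form (for example "access plus 1 day") are returned under `unparsed` rather than converted.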