search cancel

MISSING SECURITY HEADERS Vulnerability in IM

book

Article ID: 200200

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

During a Penetration Test the "MISSING SECURITY HEADERS" vulnerbaility was flagged against CA Identity Manager (Symantec IGA)

 

Cause

3rd Party Issue.

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Resolution

MISSING SECURITY HEADERS


This is not a CA Identity Manager issue, it is a 3rd party issue and needs to be resolved within the application server. See the link below for more information. 

https://stackoverflow.com/questions/48643257/configure-http-headers-in-jboss-eap-7