We have installed and configured Layer 7 Developer Portal 4.5 in our environment. As per InfoSec guidelines, Layer 7 Developer Portal was scanned by Rapid7 tool.
After scanning more than 300+ vulnerabilities are found on Layer 7 Developer portal and we need to fix those asap to move it into production.
Request you to kindly provide the fix for those vulnerabilities.
Release : 4.5
Component : API PORTAL
We do not currently have any mechanism to perform an offline platform update
- Portal 4.5 Centos image is just an starting point (need to use yum to update as needed) this is not an appliance like gateway form factor.
- Gateway virtual appliance form factor is updated by using patches because it is a hardened image (has not yum available to customer use it).
the following options you can look at would be:
1) Download, load and install the RPMs manually (quickest solution, but not practical long term)
2) Setup a local yum repository (may take more time to setup, but better long term solution)