UIM - Missing or Permissive X-Frame-Options Header

search cancel

UIM - Missing or Permissive X-Frame-Options Header

book

Article ID: 260179

calendar_today

Updated On: 09-12-2023

Products

DX Unified Infrastructure Management (Nimsoft / UIM) CA Unified Infrastructure Management On-Premise (Nimsoft / UIM) CA Unified Infrastructure Management SaaS (Nimsoft / UIM)

Issue/Introduction

Our vulnerability scan (VA) detected the "Missing or Permissive X-Frame-Options Header" threat from the UIM Hub AND Web Portal Servers.

Environment

Release: 20.4.x

Resolution

We provide default security levels out of the box. It is up to the end user security team how to restrict security further.

We have provided a provision to increase the security levels. Please follow the link below to do so:

Enable Content Security Policy

In the techdocs link, you can review how to restrict security by modifying the values in the "content_security_policy" section.

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No