Our VA scan detected the "Missing or Permissive X-Frame-Options Header" threat from the CA UIM Hub & Web Portal Servers.
Release : 20.4.x
We provide default security levels out of box . Now it is up to the end user security team how to restrict further.
Have provided a provision to increase the security levels. Please follow the below link to do so
Enable Content Security Policy
In the above documentation can refer how to restrict by modifying the values in the "content_security_policy" section