UIM - Missing or Permissive X-Frame-Options Header
Article ID: 260179
Updated On:
Products
DX Unified Infrastructure Management (Nimsoft / UIM)
CA Unified Infrastructure Management On-Premise (Nimsoft / UIM)
Issue/Introduction
Our VA scan detected the "Missing or Permissive X-Frame-Options Header" threat from the CA UIM Hub & Web Portal Servers.
Environment
Release : 20.4.x
Resolution
We provide default security levels out of box . Now it is up to the end user security team how to restrict further.
Have provided a provision to increase the security levels. Please follow the below link to do so
Enable Content Security Policy
In the above documentation can refer how to restrict by modifying the values in the "content_security_policy" section
Feedback
Yes
No
Powered by
