HSTS Vulnerability in Visualizer instance

Article ID: 277090

Products

CA Service Management - Service Desk Manager

Issue/Introduction

How to address HSTS Vulnerability in Visualizer instance.

Resolution


In the web.xml file under C:\Program Files (x86)\CA\Service Desk Manager\bopcfg\www\CATALINA_BASE_VIZ\webapps\CMDBVisualizer\WEB-INF, uncomment the filter shown below, and add the following init-param entry:

    <init-param>
        <param-name>hstsMaxAgeSeconds</param-name>
        <param-value>31536000</param-value>
    </init-param>

After adding this filter and restarting SDM services, the HSTS header appears in the response.
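An added check (not part of the original article) for confirming the result after the restart: it parses a Strict-Transport-Security value and verifies that max-age is at least the 31536000 seconds configured above. The URL in the usage comment is a placeholder, and the function names are this example's own.

```python
import re
import sys
import urllib.request

EXPECTED_MAX_AGE = 31536000  # value set in hstsMaxAgeSeconds in this article


def parse_hsts(value):
    """Parse an HSTS value per RFC 6797 6.1 into {directive: value-or-None}."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name in directives:       # a repeated directive invalidates the header
            raise ValueError(f"duplicate directive: {name}")
        directives[name] = val.strip().strip('"') if val else None
    return directives


def check_hsts(headers, expected=EXPECTED_MAX_AGE):
    """Return (ok, reason) for a dict of response headers."""
    lowered = {k.lower(): v for k, v in headers.items()}
    raw = lowered.get("strict-transport-security")
    if raw is None:
        return False, "header missing"
    try:
        d = parse_hsts(raw)
    except ValueError as exc:
        return False, str(exc)
    age = d.get("max-age")
    if age is None or not re.fullmatch(r"[0-9]+", age):
        return False, "max-age missing or not a number"
    if int(age) < expected:
        return False, f"max-age {age} is below {expected}"
    return True, f"max-age={age}"


if __name__ == "__main__":
    # Usage: python check_hsts.py https://sdm-host.example:8443/CMDBVisualizer/
    # (placeholder URL; the Visualizer's real host and port are site-specific)
    with urllib.request.urlopen(sys.argv[1]) as resp:
        print(check_hsts(dict(resp.headers.items())))
```

Browsers only honor this header when it arrives over HTTPS, so run the check against the instance's HTTPS URL.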