Symantec VIP security vulnerabilities found with 'HTTP OPTIONS Method Enabled'
search cancel

Symantec VIP security vulnerabilities found with 'HTTP OPTIONS Method Enabled'

book

Article ID: 412567

calendar_today

Updated On:

Products

VIP Service

Issue/Introduction

Security Vulnerability found for Symantec VIP Enterprise Gateway for 'HTTP OPTIONS Method Enabled' for version 9.11.1

Environment

VIP Enterprise Gateway version 9.11.1

Cause

HTTP OPTIONS is currently enabled on the service named api-service, which was implemented in version 9.11.1 to facilitate the exposure of Rest APIs.

Resolution

We intend to disable HTTP OPTIONS on this service in the upcoming 9.11.2 release.

Powered by Wolken Software