Virtual Appliances

 View Only

VMWare Health Analyzer appliance vulnerability

  • 1.  VMWare Health Analyzer appliance vulnerability

    Posted Jun 12, 2020 06:53 PM

    We have built VMWare Health Analyzer appliance from image provided by VMWare. This appliance automates the collection of VMWare Inventory, configuration and utilization data.

    Qualys Scan is reporting vulnerability with this appliance. Here is the detail; please help us remediate this issue.

    HTTP Security Header Not Detected

    X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8080.

    GET / HTTP/1.1

    Host: pvmhchka1.theocc.com:8080

    Connection: Keep-Alive

    HTTP/1.1 200

    Accept-Ranges: bytes

    ETag: W/"98-1553772262000"

    Last-Modified: Thu, 28 Mar 2019 11:24:22 GMT

    Content-Type: text/html

    Content-Length: 98

    Date: Sun, 07 Jun 2020 02:29:45 GMT

    X-XSS-Protection HTTP Header missing on port 8080.

    X-Content-Type-Options HTTP Header missing on port 8080.