VMware Virtual Appliances Community

VMWare Health Analyzer appliance vulnerability

We have built VMWare Health Analyzer appliance from image provided by VMWare. This appliance automates the collection of VMWare Inventory, configuration and utilization data.

Qualys Scan is reporting vulnerability with this appliance. Here is the detail; please help us remediate this issue.

HTTP Security Header Not Detected

X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8080.

GET / HTTP/1.1

Host: pvmhchka1.theocc.com:8080

Connection: Keep-Alive

HTTP/1.1 200

Accept-Ranges: bytes

ETag: W/"98-1553772262000"

Last-Modified: Thu, 28 Mar 2019 11:24:22 GMT

Content-Type: text/html

Content-Length: 98

Date: Sun, 07 Jun 2020 02:29:45 GMT

X-XSS-Protection HTTP Header missing on port 8080.

X-Content-Type-Options HTTP Header missing on port 8080.

0 Kudos
0 Replies