hsts missing from https server

DCIM_Support · ‎2020-07-05

This question was originally posted on DCIM Support by Jonathan Dator on 2018-10-11

Can anyone point me to a correct direction to fix a vulnerability? Our Nessus SecurityCenter scan on our StruxureWare is giving us this error:

HSTS Missing From HTTPS Server (84502)

The remote web server is not inforcing HSTS
The remote HTTPS server does not send the HTTP "Strict-Transport-Security" Header

We got this scan result when we had StruxureWare DCE 7.5.x, and the same result even after we upgraded to version 7.6.x.

DCIM_Support · ‎2020-07-05

This comment was originally posted on DCIM Support by Stine Hansen on 2018-10-22

Hi Jonathan Dator, thanks for posting - and sorry to have left you hanging.

I'll see if I can get some eyes on this. Otherwise I suggest you call your local tech support. You can find the contact information here https://www.apc.com/us/en/country-selector/?ref_url=/support/contact/index.cfm

Thanks,

Stine

DCIM_Support · ‎2020-07-05

This comment was originally posted on DCIM Support by Stine Hansen on 2018-12-12

Hi Jonathan Dator,

Did you find a fix to your vulnerability?

Thanks,

Stine

DCIM_Support · ‎2020-07-05

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.