[ClusterLabs] Missing or Permissive Content-Security-Policy frameancestors HTTP Response Header in pcsd
S Sathish S
s.s.sathish at ericsson.com
Mon May 18 03:25:13 EDT 2020
Hi Team,
We are getting below vulnerable alert while using pcs , we are not using pcs Web UI interface can we know mitigation plan for this.
Plugin ID : 50344
Plugin Name : Missing or Permissive Content-Security-Policy frameancestors HTTP Response Header
Port : TCP 2224
We have tried disabled Web UI interface and restart pcsd service , Still page is accessible and login page display "PCSD GUI is disabled"
Configuration File :
# cat /etc/sysconfig/pcsd | grep -i GUI
# Set DISABLE_GUI to true to disable GUI frontend in pcsd
PCSD_DISABLE_GUI=true
Web UI Details :
https://<IP Address>:2224/login<https://%3cIP%20Address%3e:2224/login>
Print " PCSD GUI is disabled"
Can you suggest the way-forward for the same.
Thanks and Regards,
S Sathish S
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.clusterlabs.org/pipermail/users/attachments/20200518/2e3fa16b/attachment.htm>
More information about the Users
mailing list