Urgent please ->HSTS missing and apple mac OSX content

V M

• May 17, 2023 06:32

Hi team 

We need urgent request to get support for the following issues with plugins from a security scan by our customer. Site is devic.greenbox.com.au 

Details below - how do we fix it? This is urgent please relating to HSTS and Apple Mac OS X plugin. Thanks a lot 

GreenBox website Wed, 17 May 2023 01:55:14 UTC Tenable.io completed the scan GreenBox website. Please click here to view and edit the scan results. Report Summary Plugins: Top 5 Severity Plugin Id Name Medium 10756 Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing Medium 142960 HSTS Missing From HTTPS Server (RFC 6797) Info 10107 HTTP Server Type and Version Info 10386 Web Server No 404 Error Code Check Info 11219 Nessus SYN scanner Assets: Top 5 Asset Critical High Medium Low Info Total devic.greenbox.com.au 0 0 2 0 20 22

0

• 

  KC George

  • May 17, 2023 12:24

  Hi Viraj,

  I have replied to you here https://support.brizy.io/hc/en-us/community/posts/15376101905425 We will continue our discussion on this thread. 

  0
• 

  V M

  • May 17, 2023 13:03

  Hi team

  This is an issue on Brizzy cloud side - please see below the screen shot of the scan done by tenable.io (http://tenable.io/) .

  Please see the medium severity below -

  Does brizzy cloud support HSTS ?
  What does the Apple Mac OS X plug in error refer to?

  The website is on brizzy cloud - URL here devic.greenbox.com.au (http://devic.greenbox.com.au/)

  Please advise.

   

  GreenBox website

  Wed, 17 May 2023 01:55:14 UTC

  Tenable.io completed the scan GreenBox website. Please click here (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-asset) to view and edit the scan results.

  Report Summary

  Plugins: Top 5

  Severity Plugin Id Name
  Medium 10756 (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-plugin/vulnerability-details/10756/assets-affected) Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing
  Medium 142960 (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-plugin/vulnerability-details/142960/assets-affected) HSTS Missing From HTTPS Server (RFC 6797)
  Info 10107 (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-plugin/vulnerability-details/10107/assets-affected) HTTP Server Type and Version
  Info 10386 (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-plugin/vulnerability-details/10386/assets-affected) Web Server No 404 Error Code Check
  Info 11219 (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-plugin/vulnerability-details/11219/assets-affected) Nessus SYN scanner

  
  Assets: Top 5

  Asset Critical High Medium Low Info Total
  devic.greenbox.com.au (https://cloud.tenable.com/tio/app.html#/assess/scans/vm-scans/folders/my-scans/scan-details/35/4cbc1cee-bb2b-4eff-b438-389d91d91fd7/by-asset/asset-details/2/vulns) 0 0 2 0 20 22

  
  This is a report from Tenable.io (https://cloud.tenable.com/) .
  Tenable.io is published by Tenable, Inc
  6100 Merriweather Dr, Columbia, MD 21044
  © 2023 Tenable, Inc. All rights reserved.

  0
• 

  KC George

  • May 18, 2023 05:25

  Hi Viraj,

  Our developers are aware of this problem, as I indicated to you in the other thread, and we will strive to have it fixed. Once we have fixed these vulnerabilities, we will inform you.

  0

Please sign in to leave a comment.