OLVM: HTTP Vulnerabilities - HSTS Missing From HTTPS Server (RFC 6797) Reported on Manager and KVM Hosts
(Doc ID 2987072.1)
Last updated on NOVEMBER 17, 2023
Applies to:Linux OS - Version Oracle Linux 7.9 with Unbreakable Enterprise Kernel [5.4.17] and later
To verify and fix the below HTTPS Vulnerabilities reported on OLVM Manager and KVM hosts.
HSTS Missing From HTTPS Server (RFC 6797):
Port 6100 on engine host used by ovirt-websocket-proxy service
Port 54323 on engine host and 54322 on kvm host used by ovirt-imageio-proxy
Port 35357 on engine host used by ovirt-provider-ovn service
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document