OLVM: HTTP Vulnerabilities - HSTS Missing From HTTPS Server (RFC 6797) Reported on Manager and KVM Hosts
(Doc ID 2987072.1)
Last updated on NOVEMBER 17, 2023
Applies to:
Linux OS - Version Oracle Linux 7.9 with Unbreakable Enterprise Kernel [5.4.17] and laterLinux x86-64
Goal
To verify and fix the below HTTPS Vulnerabilities reported on OLVM Manager and KVM hosts.
HSTS Missing From HTTPS Server (RFC 6797):
-
Port 6100 on engine host used by ovirt-websocket-proxy service
-
Port 54323 on engine host and 54322 on kvm host used by ovirt-imageio-proxy
-
Port 35357 on engine host used by ovirt-provider-ovn service
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| References |