Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
643
Views
0
Helpful
1
Replies

AutoComplete Attribute Not Disabled for Password in Cisco FMC 1000

Go to solution
nocitinfra
Level 1
Level 1

‎10-27-2023 04:17 AM

During recent Vulnerability assessment we have observed one vulnerability of Autocomplete attribute is not disabled on password fields which is allowing browser to get the password for local user. How we can address this in FMC. As per VA suggestion , they have advised to Add the attribute 'autocomplete=off' to these fields to prevent browsers from caching credentials, but I need more clarity on this part for its feasibility & detailed documentation if any.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-27-2023 07:05 AM

This is not configurable in FMC as far as I know. That includes up to the latest version 7.4.

You can open a TAC case or work with your Cisco account team to report it for consideration as an enhancement (ENH) bug if that helps satisfy your compliance obligation.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-27-2023 07:05 AM

This is not configurable in FMC as far as I know. That includes up to the latest version 7.4.

You can open a TAC case or work with your Cisco account team to report it for consideration as an enhancement (ENH) bug if that helps satisfy your compliance obligation.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card