cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

CISCO SWITCHES FOR SMALL and MEDIUM BUSINESS

Introducing the next generation of Cisco Small and Medium Business Switches. Cisco is refreshing its SMB Switch portfolio. Click here  to learn more.


741
Views
5
Helpful
3
Replies
edgallagherCNS
Beginner

Vunerability scan SG300

I have recently upgraded the firmware on a SG300-28 to 1.4.10.6

I am now getting a vulnerability scan result with the title: Web Server Generates CORS Headers Using User Supplied Values

This is being flagged on port 80 and port 443.

Does anyone have an idea on where I would start on dealing with this issue?

Thanks!

Ed Gallagher

1 ACCEPTED SOLUTION

Accepted Solutions
Sujoy Paria
Cisco Employee

Hi Ed,

This type of error was reported earlier for 350/550 series Switches, and it used to generate due to the introduction of SNA feature. However, for 300 series switches with the latest firmware 1.4.10.6 it was not reported earlier.

 

Please open a service request with us by contacting our frontline number; accordingly we can investigate further on this issue. Please follow the below mentioned link to contact us…

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

View solution in original post

3 REPLIES 3
Seb Rupik
VIP Advisor

Hi there,

Personally I would just disable the HTTP(S) service on the switch and just administrate it vai SSH:

!
no ip http server
no ip http secure-server
!

cheers,

Seb.

Sujoy Paria
Cisco Employee

Hi Ed,

This type of error was reported earlier for 350/550 series Switches, and it used to generate due to the introduction of SNA feature. However, for 300 series switches with the latest firmware 1.4.10.6 it was not reported earlier.

 

Please open a service request with us by contacting our frontline number; accordingly we can investigate further on this issue. Please follow the below mentioned link to contact us…

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Thank you!

Create
Recognize Your Peers
Polls
How would you describe your level of technical expertise?