Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1155
Views
5
Helpful
3
Replies

Vunerability scan SG300

Go to solution
edgallagherCNS
Level 1
Level 1

‎06-11-2019 08:43 AM

I have recently upgraded the firmware on a SG300-28 to 1.4.10.6

I am now getting a vulnerability scan result with the title: Web Server Generates CORS Headers Using User Supplied Values

This is being flagged on port 80 and port 443.

Does anyone have an idea on where I would start on dealing with this issue?

Thanks!

Ed Gallagher

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sujoy Paria
Cisco Employee
Cisco Employee

‎06-13-2019 06:01 AM

Hi Ed,

This type of error was reported earlier for 350/550 series Switches, and it used to generate due to the introduction of SNA feature. However, for 300 series switches with the latest firmware 1.4.10.6 it was not reported earlier.

 

Please open a service request with us by contacting our frontline number; accordingly we can investigate further on this issue. Please follow the below mentioned link to contact us…

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

View solution in original post

3 Replies 3

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎06-11-2019 09:29 AM

Hi there,

Personally I would just disable the HTTP(S) service on the switch and just administrate it vai SSH:

!
no ip http server
no ip http secure-server
!

cheers,

Seb.

0 Helpful

Go to solution
Sujoy Paria
Cisco Employee
Cisco Employee

‎06-13-2019 06:01 AM

Hi Ed,

This type of error was reported earlier for 350/550 series Switches, and it used to generate due to the introduction of SNA feature. However, for 300 series switches with the latest firmware 1.4.10.6 it was not reported earlier.

 

Please open a service request with us by contacting our frontline number; accordingly we can investigate further on this issue. Please follow the below mentioned link to contact us…

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

Go to solution
edgallagherCNS
Level 1
Level 1
In response to Sujoy Paria

‎06-13-2019 07:58 AM

Thank you!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X
Customers Also Viewed These Support Documents