IBM Support

IT34289: SPECTRUM CONTROL LIBERTY WELCOME PAGE AND ADMIN CENTER DO NOT USE HSTS HEADERS

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED:                                              *
* IBM Spectrum Control users scanning for vulnerabilities      *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* During vulnerability test, the ports 9569, 9556, 9551        *
* show security alerts for HSTS headers not being used.        *
*                                                              *
* Vulnerability scan runs for default URLs as below            *
* and thus throws alert for HSTS header not being used         *
* in scan reports.                                             *
*                                                              *
* https://localhost:9551/                                      *
* https://localhost:9556/                                      *
* https://localhost:9569/                                      *
****************************************************************
* RECOMMENDATION:                                              *
* Apply fix maintenance when available                         *
****************************************************************

    



Problem conclusion


    

  • The fix for this APAR is targeted for the following release:

IBM Spectrum Control 5.4.2   [ 5.4.2-IBM-SC ]

( release target 1Q 2021 / March )

http://www.ibm.com/support/docview.wss?&uid=swg21320822

The target dates for future releases do not represent a formal
commitment by IBM. The dates are subject to change without
notice.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IT34289
    • 

  • Reported component name
    TPC ADVANCED
    • 

  • Reported component ID
    5608TPCA0
    • 

  • Reported release
    537
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-09-21
    • 

  • Closed date
    2020-11-16
    • 

  • Last modified date
    2020-11-16
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    TPC ADVANCED
    • 

  • Fixed component ID
    5608TPCA0
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSNECY","label":"Tivoli Storage Productivity Center Advanced"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"537"}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            24 June 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback