A fix is available
APAR status
Closed as suggestion for future release.
Error description
Potentially sensitive information sent over SSL may be being cached in the browser. Some pages were returned with the 'Cache-Control' not set, meaning that the response can be cached in the requesting browsers cache. This poses a risk if the page contains sensitive data and an attacker obtains access to the browser cache. Recommendation: If caching is not required, the 'Cache-Control' header should be set to no-cache or no-store. . Business impact ( BusImpact ) This item discovered during a Security Assessment, risk level is Low - COSO Level 2
Local fix
Problem summary
Problem conclusion
Temporary fix
Comments
There is no sensitive data in these cache,but we improve this by set cache flag
APAR Information
APAR number
PI22001
Reported component name
BUILD FORGE EE
Reported component ID
5724S2701
Reported release
713
Status
CLOSED SUG
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-07-14
Closed date
2014-10-16
Last modified date
2014-10-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSB2MV","label":"Rational Build Forge"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.1.3","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
15 October 2021