IBM Support

Streams 3.1 Security Assessment False Positives

Technote (FAQ)


Why do you recieve security assesment warnings for InfoSphere Streams Version 3.1?


Streams returns static text rather than an http response code when the streams console receives any URL containing the path '..streams/admininstance/streamsScript..'.   Anything on the URL following 'streamsScript' is ignored.

Configure your scan tool to ignore URLs with '..streams/admininstance/streamsScript..'
or to accept the static text as an acceptable response to the requests.  This allows for clean and accurate security scans.

Document information

More support for: IBM Streams

Software version: 3.1

Operating system(s): Linux

Reference #: 1648191

Modified date: 11 September 2013