Streams 3.1 Security Assessment False Positives

Technote (FAQ)


Question

Why do you recieve security assesment warnings for InfoSphere Streams Version 3.1?

Answer

Streams returns static text rather than an http response code when the streams console receives any URL containing the path '..streams/admininstance/streamsScript..'.   Anything on the URL following 'streamsScript' is ignored.

Configure your scan tool to ignore URLs with '..streams/admininstance/streamsScript..'
or to accept the static text as an acceptable response to the requests.  This allows for clean and accurate security scans.

Rate this page:

(0 users)Average rating

Document information


More support for:

InfoSphere Streams

Software version:

3.1

Operating system(s):

Linux

Reference #:

1648191

Modified date:

2013-09-11

Translate my page

Machine Translation

Content navigation