cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AppMon 6.5.0.1289 How to disable HTTP TRACE method?

trung_dang
Newcomer

DIAGNOSIS

The remote Web server supports the TRACE and/or TRACK HTTP methods, which makes it easier for remote attackers to steal cookies and authentication credentials or bypass the HttpOnly protection mechanism.
Track / Trace are required to be disabled to be PCI compliance.

CONSEQUENCE

If this vulnerability is successfully exploited, attackers can potentially steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism.

How do I disable HTTP trace method on my Dynatrace server port 8040, 8041, 8042, 8043?

Thank you for your time.


2 REPLIES 2

tarun_agastya2
Inactive

Hi Trung,

Are you able to fix this issue.Can you please let us know if you got any fix.

Thanks,

Tarun


trung_dang
Newcomer

Upgrade AppMon to 7.2 and the problem is fixed.