Security Audit flags System Manager with multiple Security Weaknesses
Applies to
ONTAP System Manager 9.14P1
Issue
A security scanner performing a security audit against System Manager web services flags the application with the following security weaknesses
- Strict transport security not enforced
- Client-side JSON injection
- Source code disclosure