/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
An HTTP entry point URL of a Netweaver system is submitted into a web Application Vulnerability Scanner (i.e. https://securityheaders.com/). As result, there might be some HTTP headers considered missing and/or the presence of others can be deemed as a potential vulnerability.
Read more...
Environment
- SAP Netweaver
- Internet Communication Manager
- SAP Web Dispatcher
Product
SAP NetWeaver all versions
Keywords
Missing Security Headers, HTST, CSP, Content Security Policy, X-Frame-Options, CSRF Token, X-XSS-Protection, X-Content-Type-Options, SAP GUI, Disable Cross Site Scripting Protection , KBA , BC-CST-IC , Internet Communication Manager , BC-CST-WDP , Web Dispatcher , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)