
Are there any security vulnerability check reports done by Splunk?

Tristan9608

Hi,

My customer has configured Splunk to get data in from the "GitHub audit log stream" with the HTTP Event Collector installed on their DMZ server (with port 8088 open to the outside internet), which forwards the data to another Splunk server within their secure server with only ports 9997, 8000 and 8088 opened.

But in order to open port 8088 from the DMZ server, they have to complete their Security Vulnerability Check.

The problem is that the check returned various security vulnerabilities, and that prevents them from opening the port.

The vulnerabilities returned are as below.

phpPgAdmin redirect.php URL redirection
Spring Boot Actuator endpoint exposed
Missing "Content-Security-Policy" header
Sensitive Authentication (Basic) Information Leakage
Missing HttpOnly attribute in session cookie
Cookies with insecure, incorrect or missing SameSite attributes
Discover compressed directories
Unnecessary Http response headers were found in the application
Include sensitive session information in persistent cookies
Discovery of web application source code exposure patterns
host header injection

Are there any security vulnerability check reports done by Splunk? Or is there some way to solve these vulnerabilities?

Thank you in advance.

 
