AnsweredAssumed Answered

Citrix Secure Gateway - QID 12034, 86400, 90780

Question asked by Raj Choksey on Aug 19, 2014

We are failing the Mcafee-Qualys PCI scan on Windows 2008R2 server running Citrix Secure Gateway 3.3.2 and Citix Web Interface 5.4.0.59 on the same server. The PCI scan is failing and is being flagged for the 3 vulnerabilities. I need to resolve these. Any help is greatly appreciated.

Thanks

 

1.QID 12034: Microsoft ASP.NET Custom Errors Found Turned Off.

2. QID 86400: Web Server Reveals Absolute Path

3. QID 90780: Microsoft ASP.NET ValidateRequest Filters Bypass Cross-Site Scripting Vulnerability

Outcomes