The Vulnerability Scan Report shows,
"X-Frame-Options or Content-Security-Policy: frame-ancestors HTTP Headers missing on port 8012.
GET / HTTP/1.0 Host: sampleserver.sample.com:8012 X-XSS-Protection HTTP Header missing on port 8012. X-Content-Type-Options HTTP Header missing on port 8012. Content-Security-Policy HTTP Header missing on port 8012."
All supported DevTest environments
We noticed the following:
HTTPS VSM listening on port 8012
Path to the webreckeys keys in the VSM Listen Step were different.
Stopped the service that is running on port 8012
Updated the path to webreckeys.ks as that was incorrect.
Ran the vulnerability scan and did not see any issues.