Overview
A vulnerability scan of the Exinda finds this issue on Exinda devices running version 7.4.9 and below.
HTTP Strict Transport Security (HSTS) makes browsers use HTTPS instead of HTTP to access the devices, making the sessions more secure.
This article addresses an issue where you may find the HSTS option missing from an Exinda web server.
Environment
ExOS 7.4.9 and below.
Root Cause
This feature is not enabled in older versions on Exinda.
Resolution
HSTS has been enabled on the Exinda web servers from version 7.4.10 and above. Upgrade to version 7.4.10 or above, to fix this issue.