1 Reply Latest reply on Oct 2, 2016 10:53 AM by Test Screen Name

    PCI Compliance on Adobe Business Catalyst Platform

    michaelp339339

      All,

       

      We are in the process of completing threat remediation for a web site hosted on the Adobe Business Catalyst Platform. We are using  Security Metrics for our PCI compliance solution.    All of our internal IP address associated on our network currently pass PCI compliance vulnerability scans.   However, the external web site hosted on the Adobe Business Catalyst Platform fails several vulnerabilities.   Most of the vulnerabilities that require remediation, we do not have control to the back end server infrastructure to make the necessary remediation changes.    What suggestions do you have to remediate the following:

       

      Port                            443                        

      Protocol                            TCP                        

      Service                            www                        

                          

      Title                        TLS Version 1.0 Protocol Detection (PCI DSS

       

      Port                            443                        

      Protocol                            TCP                        

      Service                            www                        

                          

      Title                        SSL Certificate with Wrong Hostname

       

      Port                            443                        

      Protocol                            TCP                        

      Service                            www                        

                          

      Title                        Web Application Potentially Vulnerable to Clickjacking