Hi all,
I recently ran a vuln scan of an in production vCenter server with Nessus and got a few items that I'm not sure how to resolve. A quick google didn't give me as much info as I would have liked, so I'd like to know if these are actual concerns, and if they are even able to be resolved without breaking vCenter. I'm running vCenter 5.1.0 1064983 on Win2008R2.
Nessus Plugin ID 11213 - The remote web server supports the TRACE and/or TRACK HTTP methods.
Nessus Plugin ID 62565 - The remote service has one of two configurations that are known to be required for the CRIME attack.
Thanks for any assistance you can provide!
Mark