PCI Compliance on Adobe Business Catalyst Platform

Question

All,We are in the process of completing threat remediation for a web site hosted on the Adobe Business Catalyst Platform. We are using  Security Metrics for our PCI compliance solution.    All of our internal IP address associated on our network currently pass PCI compliance vulnerability scans.   However, the external web site hosted on the Adobe Business Catalyst Platform fails several vulnerabilities.   Most of the vulnerabilities that require remediation, we do not have control to the back end server infrastructure to make the necessary remediation changes.    What suggestions do you have to remediate the following: Port                            443                         Protocol                            TCP                         Service                            www                         FALSE POSITIVE                     Title                        TLS Version 1.0 Protocol Detection (PCI DSSPort                            443                         Protocol                            TCP                         Service                            www                         FALSE POSITIVE                     Title                        SSL Certificate with Wrong Hostname Port                            443                         Protocol                            TCP                         Service                            www                         FALSE POSITIVE                     Title                        Web Application Potentially Vulnerable to Clickjacking

Test Screen Name · Answer

Since you've posted in the Acrobat security forum I assume this is related to Acrobat clients. What version of Acrobat Reader or Acrobat are the clients using to connect to the back end?

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded