HSTS Web Vulnerability & Security Checks | Invicti

Home / Vulnerabilities / HSTS

Select Category

Search Vulnerability

Vulnerability Name

Classifications

Severity

HTTP Strict Transport Security (HSTS) Errors and Warnings

CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2013-A5, OWASP 2017-A6

Medium

HTTP Strict Transport Security (HSTS) Policy Not Enabled

CAPEC-217, CWE-523, ISO27001-A.14.1.2, WASC-4, OWASP 2013-A6, OWASP 2017-A3, CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L

Medium

HTTP Strict Transport Security (HSTS) Max-Age Value Too Low

CWE-16, ISO27001-A.14.1.2, WASC-15

Information

HTTP Strict Transport Security (HSTS) via HTTP

CWE-16, ISO27001-A.14.1.2, WASC-15, OWASP 2017-A6

Information

Build your resistance to threats. And save hundreds of hours each month.

Get a demo See how it works