These are the resources that are sent to each Cloudfront end point for serving up logos and JS files for the login pages. There is no private information and these are the same across all Cloudfront services for each region to allow quick display of messages and logos.
------------------------------
Robert Wakefield-Carl
Avtex Solutions, LLC
Contact Center Innovation Architect
robertwc@avtex.comhttps://www.Avtex.comhttps://RobertWC.Blogspot.com------------------------------
Original Message:
Sent: 04-25-2022 11:27
From: Karl Reed
Subject: Web Server Directory Enumeration: The directory https://login.mypurecloud.ie/assets/ is open
Hi All, if you paste the following link into your browser "https://login.mypurecloud.ie/assets/" - Here you will see a directory structure. Here it's possible to enumerate directories on the webserver.
Does Genesys see this as an issue / Security risk ?
Does this actually pose a Security Risk
Reason = I have customers questioning this.
#ArchitectureandDesign
#Security
#Architectureandtechnology
------------------------------
Regards,
Karl Reed
------------------------------