Uploaded image for project: 'onedata'
  1. onedata
  2. VFS-12935

Disable unsafe SSL/TLS ciphers

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Minor Minor
    • 21.02.9
    • None
    • None
    • None
    • Sprint 283: Trusty Tomaš
    • 2

      High threat:
      CVE-2016-2183,CVE-2016-6329,CVE-2020-12872
      This routine reports all SSL/TLS cipher suites accepted by a service where attack vectors exists only on HTTPS services.

      TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
      TLS_DHE_RSA_WITH_DES_CBC_SHA (SWEET32)
      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)

      Medium threat:
      CVE-2013-2566,CVE-2015-2808,CVE-2015-4000
      This routine reports all weak SSL/TLS cipher suites accepted by a service.

      'Weak' cipher suites accepted by this service via the TLSv1.2 protocol:

      TLS_ECDHE_RSA_WITH_RC4_128_SHA
      TLS_RSA_PSK_WITH_RC4_128_SHA

            plglopiola Łukasz Opioła
            plglopiola Łukasz Opioła
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: