
CSCvh77391 - PI 3.4 - Low SSH Server CBC Mode Ciphers Enabled

So, I upgraded to 3.7 and I'm still getting this vulnerability on a NESSUS scan.  It says it's fixed in 3.6 so what gives?

1 Reply

bsetexast
Level 1

I too had the same finding on a Nessus scan. I did find a solution after hacking around a bit on my Prime server.

 

Steps:

1. SSH into the Prime server

2. Run the shell command

In my case it was the first time I had run it and it conveniently asked me to set up a shell password... so go ahead and do that. Then you will need to run the shell command again.

3. You now should see "ade #"

4. Run this to edit the sshd_config - sudo vi /etc/ssh/sshd_config

Normally the ciphers in this file are near the top few sections, but Cisco put them at the bottom.

5. Find this line "Ciphers aes256-cbc,aes192-cbc,aes128-cbc,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc"

6. Remove any ciphers you do not want from that line. (GOOGLE vi if you are unfamiliar with how to do this)

7. Save the file

8. Reboot...and BOOM FIXED!!

 

nmap scan before:

| encryption_algorithms: (9)
| aes256-cbc
| aes192-cbc
| aes128-cbc
| aes256-gcm@openssh.com
| aes128-gcm@openssh.com
| aes256-ctr
| aes192-ctr
| aes128-ctr
| 3des-cbc

 

nmap after:

| encryption_algorithms: (3)
| aes256-ctr
| aes192-ctr
| aes128-ctr
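
The manual edit in steps 4 to 7 of the reply above can also be scripted. The following is an added example, not part of the original post and not Cisco's own tooling: it removes only the CBC-mode entries that the scan finding is about (the GCM and CTR ciphers are kept) and refuses to write an empty cipher list. The function names and the sample config are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: strip CBC-mode ciphers from the "Ciphers" line of an sshd_config.
# filter_cbc, harden_ciphers and demo are hypothetical helper names.

# Print a comma-separated cipher list with every CBC-mode entry removed.
# Matches names such as aes256-cbc, 3des-cbc and vendor forms like name-cbc@host.
filter_cbc() {
    printf '%s\n' "$1" | tr ',' '\n' | grep -Ev -- '-cbc(@|$)' | paste -sd, -
}

# Rewrite the active Ciphers line of config file $1 in place, keeping $1.bak.
# Returns 1 if there is no active Ciphers line, 2 if nothing would remain
# after filtering (the file is left untouched in both cases).
harden_ciphers() {
    local cfg=$1 current kept
    # Commented-out "#Ciphers" lines are ignored because $1 would be "#Ciphers".
    current=$(awk 'tolower($1) == "ciphers" { print $2; exit }' "$cfg")
    [ -n "$current" ] || return 1
    kept=$(filter_cbc "$current")
    [ -n "$kept" ] || return 2
    cp -p "$cfg" "$cfg.bak"
    awk -v kept="$kept" '
        tolower($1) == "ciphers" { print "Ciphers " kept; next }
        { print }
    ' "$cfg.bak" > "$cfg"
}

# Run against a constructed sample file that uses the Ciphers line quoted in
# step 5, and print the resulting line.
demo() {
    local tmp
    tmp=$(mktemp)
    printf '%s\n' \
        'Port 22' \
        '#Ciphers aes128-cbc' \
        'Ciphers aes256-cbc,aes192-cbc,aes128-cbc,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc' \
        > "$tmp"
    harden_ciphers "$tmp" && grep '^Ciphers' "$tmp"
    rm -f "$tmp" "$tmp.bak"
}
```

On a real host, running `sshd -t` after the edit checks the configuration for syntax errors before the service is restarted, and the `.bak` copy allows a rollback.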
