cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1020
Views
10
Helpful
1
Replies

CSCvr37610 - [SMA] NGINX service offers SSLv3 method

Mark Thorne
Level 1
Level 1

We have upgraded our secondary appliance to the recommended version, 13.0.0-239, but the SSLv3 is still listed as enabled/vulnerable.  The only option for disabling SSLv3 is via the config file and only for the EUQ; there is still not an option to disable it for the 'new look' interface:
<sslv3config>
<euq_sslv3_enabled>0</euq_sslv3_enabled>
</sslv3config>

I have not yet attempted to disable TLS1 or 1.1 since this initial issue is still not resolved.

How can we disable it and remove these critical vulnerabilities?

Thanks

1 Accepted Solution

Accepted Solutions

Mark Thorne
Level 1
Level 1

Please disregard my question; I have confirmed the upgrade does resolve the SSLv3 vulnerability.

 

Thanks!

View solution in original post

1 Reply 1

Mark Thorne
Level 1
Level 1

Please disregard my question; I have confirmed the upgrade does resolve the SSLv3 vulnerability.

 

Thanks!