Hi,
Received below vulnerabilites on my virtual esa, need to know is it any ffirmware address this all.
| SSH Server CBC Mode Ciphers Enabled | CVE-2008-5161 | Low | Disable all weak CBC-mode ciphers on the SSH server including 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, blowfish-cbc, and cast128-cbc |
| Web Server Transmits Cleartext Credentials | CWE-523 | Low | Make sure that every sensitive form transmits content over HTTPS. |
| Web Server Allows Password Auto-Completion | CWE-522 | Low | Add the attribute 'autocomplete=off' to these fields to prevent browsers from caching credentials. |
