- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-18-2014 09:30 AM - edited 03-10-2019 09:56 PM
Hi , a security audit has found that the SSH server service on our ACS 5.5.0.46 is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attackerto recover the plaintext message from the ciphertext.
The advise is to enable CTR or GCM cipher mode encryption - how can this be done ? Is it some thing that can be performed from the command line?
Thanks.
Solved! Go to Solution.
- Labels:
-
AAA
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2014 11:15 PM
Unfortunately at this moment there is no a supported method to disable this option on ACS.
this issue addressed by:
CSCup58251 Cisco Secure ACS evaluation of CVE-2008-5161
https://tools.cisco.com/bugsearch/bug/CSCup58251/?reffering_site=dumpcr
All ACS versions are affected.
this vulnerability is fixed in ACS 5.7 version which is expected to be released between mid and late May 2015
Tariq
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2014 11:15 PM
Unfortunately at this moment there is no a supported method to disable this option on ACS.
this issue addressed by:
CSCup58251 Cisco Secure ACS evaluation of CVE-2008-5161
https://tools.cisco.com/bugsearch/bug/CSCup58251/?reffering_site=dumpcr
All ACS versions are affected.
this vulnerability is fixed in ACS 5.7 version which is expected to be released between mid and late May 2015
Tariq
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2014 09:37 AM
Thanks for the reply Tariq.
