09-09-2014 08:08 PM
Hi All,
I have a question on how to disable RC4 Cipher Suites Supported on Cisco Prime Infrastructure Platform.
My client has used Nessus software to scan Prime and found the vulnerability below:
SSL RC4 Cipher Suites Supported
Cisco Prime Infrastructure is deployed on the latest 2.1.
We have gained root access, modified ssl.conf and restarted the service, but were still unable to solve it.
/opt/CSCOlumos/httpd/ssl/backup/ssl.conf
/opt/CSCOlumos/httpd/ssl/ssl.conf
C:\Program Files\Tenable\Nessus>nessuscmd -v -p 443 -i 21643 192.168.1.55
Starting nessuscmd 5.2.7
Scanning '192.168.1.55'...
Host 192.168.1.55 is up
Discovered open port https (443/tcp) on 192.168.1.55
[i] Plugin 21643 reported a result on port https (443/tcp) of 192.168.1.55
+ Results found on 192.168.1.55 :
- Port https (443/tcp) is open
[i] Plugin ID 21643
| Here is the list of SSL ciphers supported by the remote server :
| Each group is reported per SSL Version.
| SSL Version : TLSv1
| Medium Strength Ciphers (>= 56-bit and < 112-bit key)
| DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
.....
| RC4-MD5 Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=MD5
| RC4-SHA Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=SHA1
|
| SSL Version : SSLv3
| Medium Strength Ciphers (>= 56-bit and < 112-bit key)
| DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
| DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
| High Strength Ciphers (>= 112-bit key)
| EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(
| 68) Mac=SHA1
....
| RC4-MD5 Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=MD5
| RC4-SHA Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=SHA1
| The fields above are :
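Added example, not part of the original posts and not Cisco or Tenable code: a small Python parser for plugin 21643 output like the above, so a rescan after any configuration change or upgrade can be compared per protocol version. It classifies suites by their OpenSSL-style name only, because the wrapped Enc= field is unreliable; the sample text is constructed from the lines in the post, and the function names are hypothetical.

```python
import re

# Constructed sample, modelled on the wrapped plugin 21643 output in the post.
SAMPLE = """\
| SSL Version : TLSv1
|   Medium Strength Ciphers (>= 56-bit and < 112-bit key)
|     DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
|     RC4-MD5 Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=MD5
| SSL Version : SSLv3
|     DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
|     DES-CBC-SHA Kx=RSA Au=RSA Enc=DES-C
| C(56) Mac=SHA1
|   High Strength Ciphers (>= 112-bit key)
|     EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES(
| 68) Mac=SHA1
|     RC4-SHA Kx=RSA Au=RSA Enc=RC4(1
| 8) Mac=SHA1
"""

VERSION = re.compile(r"SSL Version\s*:\s*(\S+)")
# A cipher line starts with the suite name followed by Kx=; wrapped tails do not.
CIPHER = re.compile(r"^\|?\s*([A-Z0-9][A-Z0-9-]*)\s+Kx=")
# Label -> pattern on the suite name (DES-CBC3 is 3DES and is not flagged here).
CHECKS = [("RC4", r"RC4"), ("single DES", r"DES-CBC(?!3)"),
          ("MD5 MAC", r"MD5$"), ("export grade", r"^EXP")]

def reasons(name):
    """Weaknesses inferred from the suite name alone."""
    return [label for label, pat in CHECKS if re.search(pat, name)]

def weak_ciphers(report):
    """Map each SSL/TLS version to {suite: reasons}, duplicates collapsed."""
    found, version = {}, None
    for line in report.splitlines():
        m = VERSION.search(line)
        if m:
            version = m.group(1)
            found.setdefault(version, {})
            continue
        m = CIPHER.match(line.strip())
        if m and version and reasons(m.group(1)):
            found[version][m.group(1)] = reasons(m.group(1))
    return found

if __name__ == "__main__":
    for ver, suites in weak_ciphers(SAMPLE).items():
        print(ver, suites)
```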
Accepted Solutions
09-09-2014 10:19 PM
Hi ,
"SSL RC4 Cipher Suites Supported" has been documented in bug CSCum03709.
CSCum03709 PI 2.0.0.0.294 with SSH vulnerabilities
Presently, there is no workaround for this vulnerability; however, the fix will be implemented in
Prime Infrastructure 2.2, which is planned to be released around the end of this year (tentative).
Thanks-
Afroz
***Ratings Encourages Contributors ***
09-09-2014 11:43 PM
Hi Afroz,
5-star savior :) Thanks for the great information.
Regards,
Zhan Hua
07-26-2016 07:03 AM
We are on 8.1 and an audit scan found this vulnerability. What was the fix in 2.2?
They would like us to disable RC4.
From Auditors:
A Security survey conducted for the use of SNMP, SSL and RC4.
If your application is currently using RC4 to protect sensitive data (not just PCI), please let me know of your plans to disable RC4
Any other options other than RC4, SNMP or SSL for Cisco Prime?
Thanks!
