01-06-2016 12:12 AM - edited 03-12-2019 12:06 AM
We have received following penetration vulnerability for Cisco ASA Firewall 5500 (S/N: JM164940Q0)
Vulnerabilities |
Risk/Severity |
Recommendation by vendor for closure of vulnerabilities |
Multiple issues related to SSL certificates were identified on hosts mentioned below: |
Medium |
It is recommended to implement these:- |
Multiple issues related to SSH were identified on hosts mentioned below: |
Medium |
Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption |
01-06-2016 12:14 AM
plz tell me solution for this ,its very ungent
01-06-2016 07:06 AM
You are running a legacy (non-X) ASA? Then you are quite limited what you can do.
ssl server-version tlsv1-only
ssl encryption dhe-aes128-sha1 dhe-aes256-sha1 aes128-sha1 aes256-sha1
With a newer ASA (X-Models) there are some more options available.
02-07-2016 10:03 AM
CSCuv19728 for the SSH issue.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
> plz tell me solution for this ,its very ungent
This is a community-based forum where people help in their free time. If it's really urgent, you should open a TAC-case.