Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11695
Views
0
Helpful
1
Replies

How to fix this vulnerability? "SSH Server CBC Mode Ciphers Enabled" on a cisco switch.

OMAR CANDARAVE
Level 1
Level 1

‎11-13-2015 11:22 AM - edited ‎03-10-2019 12:31 AM


Hi experts,

I just received a document with this vulnerability: "SSH Server CBC Mode Ciphers Enabled" for many cisco switches.

the description says:

"The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions"

and the solution says:

"Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption."

How can I fix that?

Please let me know if you need some information.

4 people had this problem
Labels:
0 Helpful
1 Reply 1

Tagir Temirgaliyev
Spotlight
Spotlight

‎12-03-2015 04:51 AM

https://supportforums.cisco.com/discussion/12406081/disabling-ssh-cbc-cipher-cisco-routersswitches

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents