11-30-2023 09:00 AM
can you please advise how to fix the below vulnaberites on ISR4461
IOS latest updated
vulnerability | risk | Vuln Refrence | synopsis |
SSL Certificate Expiry | 15901 | The remote server's SSL certificate has already expired. | |
SSL Weak Cipher Suites Supported | 26928 | The remote service supports the use of weak SSL ciphers. | |
SSL Certificate Signed Using Weak Hashing Algorithm | 35291 | An SSL certificate in the certificate chain has been signed using a weak hash algorithm. |
|
Unencrypted Telnet Server | 42263 | The remote Telnet server transmits traffic in cleartext. | |
SSL Medium Strength Cipher Suites Supported (SWEET32) | 42873 | The remote service supports the use of medium strength SSL ciphers. | |
SSL Certificate Cannot Be Trusted | 51192 | The SSL certificate for this service cannot be trusted. | |
SSL Self-Signed Certificate | 57582 | The SSL certificate chain for this service ends in an unrecognized self-signed certificate. |
|
Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key | 62694 | The remote IKEv1 service supports Aggressive Mode with Pre-Shared key. | |
SSL RC4 Cipher Suites Supported (Bar Mitzvah) | 65821 | The remote service supports the use of the RC4 cipher. | |
TLS Version 1.0 Protocol Detection | 104743 | The remote service encrypts traffic using an older version of TLS. | |
TLS Version 1.1 Protocol Deprecated | 157288 | The remote service encrypts traffic using an older version of TLS. | |
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) | 83875 | The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. |
11-30-2023 01:22 PM
11-30-2023 04:43 PM
I used the Cisco CLI Analyzer that did a complete analysis of my routers and will provide you with the ouput of any issues and recommendation to address them. It's available as a free tool on the Cisco download page if you have access.
https://software.cisco.com/download/home/286311499/type/286312309/os
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide