cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
969
Views
0
Helpful
2
Replies

vulnerability FIX

AHMADJ
Level 1
Level 1

can you please advise how to fix the below vulnaberites on ISR4461

IOS latest updated

vulnerability risk Vuln Refrence synopsis
SSL Certificate Expiry 15901 The remote server's SSL certificate has already expired.
SSL Weak Cipher Suites Supported 26928 The remote service supports the use of weak SSL ciphers.
SSL Certificate Signed Using Weak Hashing Algorithm 35291 An SSL certificate in the certificate chain has been signed using a
weak hash algorithm.
Unencrypted Telnet Server 42263 The remote Telnet server transmits traffic in cleartext.
SSL Medium Strength Cipher Suites Supported (SWEET32) 42873 The remote service supports the use of medium strength SSL ciphers.
SSL Certificate Cannot Be Trusted 51192 The SSL certificate for this service cannot be trusted.
SSL Self-Signed Certificate 57582 The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.
Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key 62694 The remote IKEv1 service supports Aggressive Mode with Pre-Shared key.
SSL RC4 Cipher Suites Supported (Bar Mitzvah) 65821 The remote service supports the use of the RC4 cipher.
TLS Version 1.0 Protocol Detection 104743 The remote service encrypts traffic using an older version of TLS.
TLS Version 1.1 Protocol Deprecated 157288 The remote service encrypts traffic using an older version of TLS.
SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) 83875 The remote host allows SSL/TLS connections with one or more
Diffie-Hellman moduli less than or equal to 1024 bits.
2 Replies 2

Leo Laohoo
Hall of Fame
Hall of Fame

Elito Haylett
Level 1
Level 1

I used the Cisco CLI Analyzer that did a complete analysis of my routers and will provide you with the ouput of any issues and recommendation to address them. It's available as a free tool on the Cisco download page if you have access.

https://software.cisco.com/download/home/286311499/type/286312309/os