How to mitigate identified vulnerability CVE-2016-2183 - The remote service supports the use of medium strength SSL ciphers.

Description: The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite. Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.

How to reconfigure the affected application if possible to avoid use of medium strength ciphers? Appreciate an advise on this?

Page 1 / 1

Hi,
Both Apps10 and IFS Cloud have configurable Ciphers to meet specific customer needs.

https://docs.ifs.com/techdocs/23r1/070_remote_deploy/010_installing_fresh_system/200_installing_ifs_cloud/035_ifs_cloud_ifsinstaller/030_installation_parameters/#general_parameters

https://docs.ifs.com/techdocs/Foundation1/020_installation/020_installing_fresh_system/040_installing_ifs_applications/030_deploy_middle_tier/hidden_itd/040_webserver_configuration.htm?nobanner=true

Hi, Are there any recommendations for a strong SSL cipher suite which would be suitable for IFS Cloud?

This is HTTP config - there is no dependency to IFS here, so we don’t have any recommendations.
RnD updates the ciphers when we think they are too old. But setting a general set of ciphers is harder than setting one/two strong ciphers the way an individual customer can given the knowledge of the clients that need to connect.

It is pretty complicated to get a good set of ciphers that all get A on the https://www.ssllabs.com/ test but still covers older browsers and mobile devices…

Reply

Did you find what you're looking for? If not:

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded