Question

How to mitigate identified vulnerability CVE-2016-2183 - The remote service supports the use of medium strength SSL ciphers.

  • 14 November 2023
  • 3 replies
  • 287 views


Description: The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite. Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.

How to reconfigure the affected application, if possible, to avoid use of medium strength ciphers? Appreciate any advice on this.


3 replies

Userlevel 5

Hi,
Both Apps10 and IFS Cloud have configurable Ciphers to meet specific customer needs.

https://docs.ifs.com/techdocs/23r1/070_remote_deploy/010_installing_fresh_system/200_installing_ifs_cloud/035_ifs_cloud_ifsinstaller/030_installation_parameters/#general_parameters

https://docs.ifs.com/techdocs/Foundation1/020_installation/020_installing_fresh_system/040_installing_ifs_applications/030_deploy_middle_tier/hidden_itd/040_webserver_configuration.htm?nobanner=true

Userlevel 1

Hi, Are there any recommendations for a strong SSL cipher suite which would be suitable for IFS Cloud?

Userlevel 5

This is HTTP config - there is no dependency on IFS here, so we don’t have any recommendations.
RnD updates the ciphers when we think they are too old. But setting a general set of ciphers is harder than setting one/two strong ciphers the way an individual customer can, given the knowledge of the clients that need to connect.

It is pretty complicated to get a good set of ciphers that all get A on the https://www.ssllabs.com/ test but still covers older browsers and mobile devices… 
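An added example, not part of the original thread and not IFS code: a local check of a candidate cipher string against the rule quoted in the question (key length of at least 64 and under 112 bits, or any 3DES suite), useful before putting the string into the web server configuration. The sample suite list, the `EXAMPLE-64BIT-SHA` name and the `CANDIDATE` string are constructed for illustration and are not a recommendation for IFS Cloud.

```python
import ssl


def is_medium_strength(name: str, strength_bits: int) -> bool:
    """Rule quoted in the question: 64 <= key length < 112 bits, or any 3DES suite."""
    upper = name.upper()
    # 3DES appears as "3DES" in IANA suite names and as "DES-CBC3" in OpenSSL names.
    uses_3des = "3DES" in upper or "DES-CBC3" in upper
    return uses_3des or 64 <= strength_bits < 112


def medium_suites(suites):
    """Names of flagged suites; each suite is a dict with 'name' and 'strength_bits'."""
    return [s["name"] for s in suites
            if is_medium_strength(s["name"], s["strength_bits"])]


def expand_cipher_string(cipher_string: str):
    """Expand an OpenSSL cipher string with the local OpenSSL build (no network I/O)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if no suite matches
    return ctx.get_ciphers()        # list of dicts, same keys as SAMPLE below


# Constructed sample in the shape get_ciphers() returns. The 3DES entries carry
# 112 strength bits, so a bit-length filter alone would not flag them; the
# name check is what catches them.
SAMPLE = [
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "strength_bits": 256},
    {"name": "DES-CBC3-SHA", "strength_bits": 112},
    {"name": "ECDHE-RSA-DES-CBC3-SHA", "strength_bits": 112},
    {"name": "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "strength_bits": 112},
    {"name": "EXAMPLE-64BIT-SHA", "strength_bits": 64},  # hypothetical suite name
    {"name": "AES128-SHA", "strength_bits": 128},
]

# Constructed candidate string to audit (an assumption, not a vendor default).
CANDIDATE = "ECDHE+AESGCM:!3DES:!aNULL"

if __name__ == "__main__":
    print("flagged in sample:   ", medium_suites(SAMPLE))
    print("flagged in candidate:", medium_suites(expand_cipher_string(CANDIDATE)))
```

An empty result for the candidate only shows that the local OpenSSL build expands it without medium strength suites; the deployed server should still be rescanned after the change.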
 
