SGOS version such as 22.214.171.124 is being run.
A vulnerability scanner such as Qualys reports Scan Results that includes the following:
SSL/TLS use of weak RC4 cipher port 8084/tcp over SSL
SSL/TLS Server supports TLSv1.0 port 8084/tcp over SSL
TLSv1 WITH RC4 CIPHERS IS SUPPORTED TLSv1.1 WITH RC4 CIPHERS IS SUPPORTED TLSv1.2 WITH RC4 CIPHERS IS SUPPORTED RC4-MD5 RSA RSA MD5 RC4(128) RC4-SHA RSA RSA SHA1 RC4(128) ECDHE-RSA-RC4-SHA ECDH RSA SHA1 RC4(128)
Upgrade to a later version of SGOS such as 126.96.36.199 (General Availability).
Its Release Notes include Security Fix 257344 which addresses the previously mentioned scan findings:
"Improves the security posture of Client Manager service on port 8084 by removing weak ciphers and TLS versions."
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.