AnsweredAssumed Answered

3 SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability

Question asked by Anand Nayak on Jun 5, 2012
Latest reply on Jun 6, 2012 by j457

Hello,

 

I made the all the changes by including  –CBC in configuration file. Still I am getting these vulnerability.

Could you please help me with this issue?

 

Below output of conf file

 

# activate SSL

LoadModule ssl_module modules/mod_ssl.so

 

SSLSessionCache dbm:/opt/SMAW/SMAWrtpa2/logs/ssl_gcache_data

 

 

SSLProtocol -ALL +SSLv3 +TLSv1

SSLHonorCipherOrder On

SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA-SHA-CBC:+HIGH:+MEDIUM:!MD5:!SSLv2

 

FileETag None

 

 

Include conf/appconf/*.conf

Include conf/rtp.conf.

 

 

How to resolvethis issue?

Outcomes