AnsweredAssumed Answered

SSL/TLS use of weak RC4 cipher (Windows 2012 Standard)

Question asked by Mina Medel on Mar 19, 2018
Latest reply on Mar 21, 2018 by Mina Medel

Can anyone provide me solution to resolve this finding?

I have already added the ff. registry values but this finding is still existing after rescan.

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]
"Enabled"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128]
"Enabled"=dword:00000000

 

I've also read that this should be disabled by default for W2k12, how come it is still showing as a vulnerability?

Outcomes