Hello Qualys Community,
We ran the SSL Server Test on the SSL Labs site, and the overall rating now shows as 'F' with the messages below for the Ciphers and Protocol sections. If we removed the weak CBC ones from CipherSuite, the status changed to an A+ rating, but the application cannot load on IE 11.
We opened a support case with the vendor, but they said there are no vulnerabilities on OHS 12c and requested more details from SSL Labs. Can you please provide the details requested by the vendor below?
You have not provided information that shows a vulnerability.
I have provided you the requirements from you in order to move this forward.
It is up to you to get the required information from the scanning software company on
how our software is vulnerable and how it can be exploited. We need details on this
from you. There is nothing to escalate until you provide us this required information.
0xc027) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 128
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK 256
|DROWN|No, server keys and hostname not seen elsewhere with SSLv2|
|Secure Client-Initiated Renegotiation|Yes|
|Insecure Client-Initiated Renegotiation|No|
|BEAST attack|Mitigated server-side|
|POODLE (SSLv3)|No, SSL 3 not supported|
|POODLE (TLS)|No|
|Zombie POODLE|No, TLS 1.2 :|
|GOLDENDOODLE|No, TLS 1.2 :|
|OpenSSL 0-Length|Yes, TLS 1.2 :|