Switching

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

This thread has been viewed 2 times
  • 1.  ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

    Posted 05-05-2022 05:39
    Hi all,

    Have you ever had a similar case with me in ex2300-48t
    I have some issues in ex2300-48t, I test VA  (Vulnerability Assessment) the result is high with the comment "SSL/TLS: Report Vulnerable Cipher Suites for HTTPS" how to solve it?





    ------------------------------
    Nichola Nathaniel
    ------------------------------


  • 2.  RE: ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

    Posted 05-05-2022 05:58
    This is triggered by the jweb on the device which on the ex2300 platform is a separate install that needs to match the Junos version.

    One option is to turn off the use of the web based interface if you are not using it for management.  This is simply remove the http and https configuration under system.

    If you need to use jweb then you find the security advisory being hit here and then upgrade both the Junos and the jweb to the version where this has been patched.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------