Switching

 View Only
last person joined: 12 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
Back to discussions
Expand all | Collapse all

ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

  • 1.  ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

    Posted 05-05-2022 05:39
    Hi all,

    Have you ever had a similar case with me in ex2300-48t
    I have some issues in ex2300-48t, I test VA  (Vulnerability Assessment) the result is high with the comment "SSL/TLS: Report Vulnerable Cipher Suites for HTTPS" how to solve it?





    ------------------------------
    Nichola Nathaniel
    ------------------------------


  • 2.  RE: ex2300-48t VA (Vulnerability Assesment) SSL/TLS: Report Vulnerable Cipher Suites for HTTPS

    Posted 05-05-2022 05:58
    This is triggered by the jweb on the device which on the ex2300 platform is a separate install that needs to match the Junos version.

    One option is to turn off the use of the web based interface if you are not using it for management.  This is simply remove the http and https configuration under system.

    If you need to use jweb then you find the security advisory being hit here and then upgrade both the Junos and the jweb to the version where this has been patched.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------

    Original Message