2017-01-19 10:06 AM
As part of a vulnerability scan, my OCUM 6.4P1 server tripped on two particular encryption-related vulnerabilities: Weak MAC algorithms enabled (hmac-sha1-96, hmac-sha2-256-96, and hmac-sha2-512-96), and CBC mode ciphers enabled (aes128-cbc, aes192-cbc, and aes256-cbc). Has anyone else encountered this with the OVA version of OCUM 6.4P1, and have been able to remediate it?
Solved! SEE THE SOLUTION
2017-01-20 01:15 AM
OCUM 6.4P1 has been pulled a while ago and instead the support site recommends to install 6.4P2 which has lots of security fixes.
A list of fixes can be found here: