Solved: OCUM 6.4 weak encryption algorithms & CBC ciphers remediation

SMLocke · ‎2017-01-19

Hello, comrades!

As part of a vulnerability scan, my OCUM 6.4P1 server tripped on two particular encryption-related vulnerabilities: Weak MAC algorithms enabled (hmac-sha1-96, hmac-sha2-256-96, and hmac-sha2-512-96), and CBC mode ciphers enabled (aes128-cbc, aes192-cbc, and aes256-cbc). Has anyone else encountered this with the OVA version of OCUM 6.4P1, and have been able to remediate it?

Thanks!

niels · ‎2017-01-20

Hi SMLocke,

OCUM 6.4P1 has been pulled a while ago and instead the support site recommends to install 6.4P2 which has lots of security fixes.

A list of fixes can be found here:

http://mysupport.netapp.com/NOW/download/software/oncommand_cdot/6.4P2/

regards, Niels

View solution in original post

niels · ‎2017-01-20

Hi SMLocke,

OCUM 6.4P1 has been pulled a while ago and instead the support site recommends to install 6.4P2 which has lots of security fixes.

A list of fixes can be found here:

http://mysupport.netapp.com/NOW/download/software/oncommand_cdot/6.4P2/

regards, Niels

OCUM 6.4 weak encryption algorithms & CBC ciphers remediation

Get ready to power on