Active IQ Unified Manager Discussions

OCUM 6.4 weak encryption algorithms & CBC ciphers remediation

SMLocke
2,769 Views

Hello, comrades!

 

As part of a vulnerability scan, my OCUM 6.4P1 server tripped on two particular encryption-related vulnerabilities: Weak MAC algorithms enabled (hmac-sha1-96, hmac-sha2-256-96, and hmac-sha2-512-96), and CBC mode ciphers enabled (aes128-cbc, aes192-cbc, and aes256-cbc). Has anyone else encountered this with the OVA version of OCUM 6.4P1, and have been able to remediate it?

 

Thanks!

1 ACCEPTED SOLUTION

niels
2,715 Views

Hi SMLocke,

 

OCUM 6.4P1 has been pulled a while ago and instead the support site recommends to install 6.4P2 which has lots of security fixes.

A list of fixes can be found here:

http://mysupport.netapp.com/NOW/download/software/oncommand_cdot/6.4P2/

 

regards, Niels

View solution in original post

1 REPLY 1

niels
2,716 Views

Hi SMLocke,

 

OCUM 6.4P1 has been pulled a while ago and instead the support site recommends to install 6.4P2 which has lots of security fixes.

A list of fixes can be found here:

http://mysupport.netapp.com/NOW/download/software/oncommand_cdot/6.4P2/

 

regards, Niels

Public