SolidFire and HCI
SolidFire and HCI
Hello,
Nessus scan discover CVE-2008-5161 HCI IPMI Weak MAC Algorithms as below, I cannot found below solution from google or NetApp support portal, anyone advise?
71049 - SSH Weak MAC Algorithms Enabled
Synopsis
The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms.
Description
The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are
considered weak.
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software
versions.
Solution
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
Risk Factor
Low
Best regards,
Chung
Solved! See The Solution
Hello,
I found this bug: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=424122
From there:
" Certain versions of security scanners might report one or more of the CVEs
listed in the Notes section as vulnerabilities present in the product.
NetApp has assessed the product and determined that it is vulnerable but
that an attack attempt has a low probability of success. Each failure will
cause a connection termination with a fatal error and an attacker would be
required to launch thousands of connection-killing attempts before achieving
a successful result.
This CVE has a CVSS v2 Base Score of 2.6 (LOW) (AV:N/AC:H/Au:N/C:P/I:N/A:N)."
There is not workaround and the bug is related to 7-mode systems (which I do not know if it is your case).
Regards,
Pedro
Hello,
I found this bug: https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=424122
From there:
" Certain versions of security scanners might report one or more of the CVEs
listed in the Notes section as vulnerabilities present in the product.
NetApp has assessed the product and determined that it is vulnerable but
that an attack attempt has a low probability of success. Each failure will
cause a connection termination with a fatal error and an attacker would be
required to launch thousands of connection-killing attempts before achieving
a successful result.
This CVE has a CVSS v2 Base Score of 2.6 (LOW) (AV:N/AC:H/Au:N/C:P/I:N/A:N)."
There is not workaround and the bug is related to 7-mode systems (which I do not know if it is your case).
Regards,
Pedro
Please open a support case with the details and support can investigate current state for you.
Please post the support case # when it is available.