cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL Cipher Block Chaining Cipher Suites Supported

ckajit
Copper Contributor

‎May 16 2022 02:59 AM

‎May 16 2022 02:59 AM

SSL Cipher Block Chaining Cipher Suites Supported

Hello,

 

Environment Exchange 2016 and windows 2012 R2

 

TLS 1.0 and TLS 1.1 is disabled and only TLS 1.2 is enabled.

Below registry keys are present

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001

"SchUseStrongCrypto"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001

"SchUseStrongCrypto"=dword:00000001

 

Vulnerability scan reports :

Name :SSL Cipher Block Chaining Cipher Suites Supported

Synopsis : The remote service supports the use of SSL Cipher Block Chaining

ciphers, which combine previous blocks with subsequent ones.

Description : The remote host supports the use of SSL ciphers that operate in Cipher

Block Chaining (CBC) mode. These cipher suites offer additional

security over Electronic Codebook (ECB) mode, but have the potential to

leak information if used improperly.

 

Could you please advise what are next steps

3,727 Views
0 Likes
0 Replies
Reply
0 Replies