SSL Cipher Block Chaining Cipher Suites Supported

%3CLINGO-SUB%20id%3D%22lingo-sub-3379190%22%20slang%3D%22en-US%22%3ESSL%20Cipher%20Block%20Chaining%20Cipher%20Suites%20Supported%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3379190%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EEnvironment%20Exchange%202016%20and%20windows%202012%20R2%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETLS%201.0%20and%20TLS%201.1%20is%20disabled%20and%20only%20TLS%201.2%20is%20enabled.%3C%2FP%3E%3CP%3EBelow%20registry%20keys%20are%20present%3C%2FP%3E%3CP%3E%5BHKEY_LOCAL_MACHINE%5CSOFTWARE%5CWOW6432Node%5CMicrosoft%5C.NETFramework%5Cv4.0.30319%5D%3C%2FP%3E%3CP%3E%22SystemDefaultTlsVersions%22%3Ddword%3A00000001%3C%2FP%3E%3CP%3E%22SchUseStrongCrypto%22%3Ddword%3A00000001%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%5BHKEY_LOCAL_MACHINE%5CSOFTWARE%5CMicrosoft%5C.NETFramework%5Cv4.0.30319%5D%3C%2FP%3E%3CP%3E%22SystemDefaultTlsVersions%22%3Ddword%3A00000001%3C%2FP%3E%3CP%3E%22SchUseStrongCrypto%22%3Ddword%3A00000001%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EVulnerability%20scan%20reports%20%3A%3C%2FP%3E%3CP%3EName%20%3ASSL%20Cipher%20Block%20Chaining%20Cipher%20Suites%20Supported%3C%2FP%3E%3CP%3ESynopsis%20%3A%20The%20remote%20service%20supports%20the%20use%20of%20SSL%20Cipher%20Block%20Chaining%3C%2FP%3E%3CP%3Eciphers%2C%20which%20combine%20previous%20blocks%20with%20subsequent%20ones.%3C%2FP%3E%3CP%3EDescription%20%3A%20The%20remote%20host%20supports%20the%20use%20of%20SSL%20ciphers%20that%20operate%20in%20Cipher%3C%2FP%3E%3CP%3EBlock%20Chaining%20(CBC)%20mode.%20These%20cipher%20suites%20offer%20additional%3C%2FP%3E%3CP%3Esecurity%20over%20Electronic%20Codebook%20(ECB)%20mode%2C%20but%20have%20the%20potential%20to%3C%2FP%3E%3CP%3Eleak%20information%20if%20used%20improperly.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECould%20you%20please%20advise%20what%20are%20next%20steps%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3379190%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESSL%20Cipher%20Block%20Chaining%20Cipher%20Suites%20Supported%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

Hello,

 

Environment Exchange 2016 and windows 2012 R2

 

TLS 1.0 and TLS 1.1 is disabled and only TLS 1.2 is enabled.

Below registry keys are present

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001

"SchUseStrongCrypto"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]

"SystemDefaultTlsVersions"=dword:00000001

"SchUseStrongCrypto"=dword:00000001

 

Vulnerability scan reports :

Name :SSL Cipher Block Chaining Cipher Suites Supported

Synopsis : The remote service supports the use of SSL Cipher Block Chaining

ciphers, which combine previous blocks with subsequent ones.

Description : The remote host supports the use of SSL ciphers that operate in Cipher

Block Chaining (CBC) mode. These cipher suites offer additional

security over Electronic Codebook (ECB) mode, but have the potential to

leak information if used improperly.

 

Could you please advise what are next steps

0 Replies