SWEET32 Vulnerabiility reported for OCP 4 Control Plane

Solution Verified - Updated -

Issue

  • Nessus reports vulnerability for OCP Control Plane ports TCP/2379, TCP 2380, TCP/9978, TCP/9979, TCP/9980, TCP/10257, TCP/10258, TCP/10259, and TCP/22623.: "Nessus Plugin ID: 42873 - SSL Medium Strength Cipher Suites Supported (SWEET32)".
  • Twistlock reports HIGH vulnerability: Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content