Per recent vulnerability scan by Nessus, it's been found that an git SSH Server of Business Central has the following vulnerabilities.
1. CBC Mode Ciphers Enabled - The SSH server is configured to use Cipher Block Chaining. The following client-to-server Cipher Block Chaining (CBC) algorithms are supported : aes192-cbc aes256-cbc The following server-to-client Cipher Block Chaining (CBC) algorithms are supported : aes192-cbc aes256-cbc 2. SSH Weak MAC Algorithms Enabled - The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms. The following client-to-server Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96 The following server-to-client Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96
Is there a way to disable these weak ciphers/macs?
- Red Hat JBoss BPM suite
- Red Hat JBoss BRMS
- 6.4.11 and before
- Red Hat Process Automation Manager
- Red Hat Decision Manager
- 7.2.x and before
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.