CA Identity Suite 14.2 Virtual Appliance, Vulnerabilty Assessment SSH
Article ID: 108019
CA Identity ManagerCA Identity GovernanceCA Identity Portal
If runs a vulnerabilty scan in Identity Suite Virtual Appliance 14.2 with Cumulative Patch CP-OS-140200-20180611, and identified an misconfiguration vulnerability in SSH protocol
We will need remove the following ciphers: - arcfour - arcfour128 - arcfour256.
However Virtual Appliance is blinded and it's not allowed to do this action.
The vulnerability report of Nessus is "90317 (1) - SSH Weak Algorithms Supported"
CA Identity Suite 14.2 Virtual Appliance plus the last OS patch CP-OS-140200-20180611. Nessus tool to run scan over the CA Identity Suite Virtual Appliance.
Please, open a CA Support case and ask to provide you the hot-fix HF-DE371990-20180627-0001.tar.gpg to resolve the vulnerability "90317 (1) - SSH Weak Algorithms Supported"
Make sure have the last OS patch already installed before apply this patch CP-OS-140200-20180611. If last OS patch is not this anymore, contact CA Support to check the last one or access the release notes of CA Identity Suite 14.2 in this link: