CA Web Viewer 12.1 SSL/TLS use of weak RC4 cipher
Article ID: 129110
Updated On:
Products
Output Management Document Viewer
Output Management Web Viewer
Issue/Introduction
Our security team has found a vulnerability in the CA Output Management Web Viewer 12.1 application "SSL/TLS use of weak RC4 cipher". The application for is configured for TLS1.2.
We will have to disable the RC4 cipher. Will it be a problem for the application if we disable this.
We will have to disable the RC4 cipher. Will it be a problem for the application if we disable this.
Environment
Release:
Component: WBVLUW
Component: WBVLUW
Resolution
The certificate is vulnerable; not the application. Since the cipher is now considered vulnerable, new certificates will be required as the cipher is defined in the certificates.
Just disabling the RC4 cipher will invalidate the certificate preventing Web Viewer from operating so that is not an option.
Just disabling the RC4 cipher will invalidate the certificate preventing Web Viewer from operating so that is not an option.
Feedback
Yes
No
Powered by
