Output Management Document ViewerOutput Management Web Viewer
Issue/Introduction
Our security team has found a vulnerability in the CA Output Management Web Viewer 12.1 application "SSL/TLS use of weak RC4 cipher". The application for is configured for TLS1.2.
We will have to disable the RC4 cipher. Will it be a problem for the application if we disable this.
Environment
Release: Component: WBVLUW
Resolution
The certificate is vulnerable; not the application. Since the cipher is now considered vulnerable, new certificates will be required as the cipher is defined in the certificates.
Just disabling the RC4 cipher will invalidate the certificate preventing Web Viewer from operating so that is not an option.