Which version of Malware Analysis Appliance addresses CVE-2015-2808?

Article Id: 168933

Status: Published

Updated On: 20-08-2018 22:42

Legacy Id: TECH245700

Products:

Malware Analysis Software - MA

Issue/Introduction:

Symantec Malware Analysis Appliance versions prior to MAA 4.2.8 allow the use of the RC4 algorithm, thus susceptible to CVE-2015-2808. See https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2808 for more details.

Resolution:

Upgrade to MAA 4.2.8 or newer as they no longer support the RC4 algorithm and will address CVE-2015-2808.