A vulnerability scanner has indicated that SMG is vulnerable to the CVE-2011-3389 / BEAST attack.
CVE-2011-3389 / Beast
The SSL protocol, as used in certain configurations of Microsoft Windows and browsers such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera (and other products negotiating SSL connections) encrypts data by using CBC mode with chained initialization vectors. This potentially allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosenboundary
By supporting the affected protocols and ciphers, the server is enabling the clients in to being exploited.
Messaging Gateway implements SSL/TLS on three interfaces: Control Center, SMTP, and SSH. Each interface is addressed separately below.
CVE-2011-3389 was been addressed in version 10.5 with an added option to the cc-config command line tool allowing restriction of the SSL / TLS versions available to the web application server. Setting the minimum TLS level for the Control Center web application server to TLSv1.2 will remove all BEAST vulnerable ciphers:
This will restart the Control Center web application server after it is reconfigured.
smg [10.7.4-13]> cc-config set-min-tls-level --tls12
Stopping controlcenter (via systemctl): [ OK ]
Starting controlcenter (via systemctl): [ OK ]
This CVE is not relevant to TLS secured SMTP. The vulnerability specifically targets HTTPS session headers which are not part of the SMTP protocol. Additionally, the amount of data required to execute the BEAST attack exceeds SMG SMTP session limits.
This CVE is not relevant to the SSH protocol. The ssh port may be further secured, however, by disabling CBC based ciphers.