Using the attached security vulnerability patch-ssh-and-daas_1628619072372.sh script:
1) This patch addresses the SSH vulnerability by updating the Ciphers and KexAlgorithms used for SSH in the MOI appliance file /etc/ssh/sshd_config as follows:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
KexAlgorithms diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
2) It also removes the data service (daas) ports 7160 and 7161 by updating the MOI appliance file /opt/moi/dataservice/normal/docker-compose.yml to address the TLS vulnerability with these ports.
Note that by turning off ports 7160 and 7161, Vantage Integration (deep linking) with the MOI UI WILL NOT be available.
Only use this security vulnerability patch if Vantage deep linking with MOI is not needed.
1) Download/Copy the patch-ssh-and-daas_1628619072372.sh file to the MOI appliance box.
2) Give execute permission to patch-ssh-and-daas_1628619072372.sh using the following command:
chmod +x patch-ssh-and-daas_1628619072372.sh
3) Execute the script using the following command:
./patch-ssh-and-daas_1628619072372.sh
4) Once the execution is complete, the dataservice_dataservice_1 container will be restarted, since the daas ports were removed.
5) Execute the command docker ps -a to monitor the health of the containers.
(Wait 5 minutes, then check that all the Docker containers are up and healthy.)
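
A read-only check of the two changes described above, added here as an example; it is not part of the patch script or the vendor's tooling. The expected values are copied from this page, while the function names and the sample files built in demo() are constructed for illustration. On the appliance the two check functions would be pointed at /etc/ssh/sshd_config and /opt/moi/dataservice/normal/docker-compose.yml.

```shell
#!/bin/sh
# Added example: verify the two changes this page says the patch makes.
# Expected values are copied from the page; everything else is illustrative.
WANT_CIPHERS='aes128-ctr,aes192-ctr,aes256-ctr'
WANT_KEX='diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1'

# Print the value of the first uncommented occurrence of keyword $2 in file $1.
# sshd uses the first value it obtains for a keyword, and keywords are
# case-insensitive. Assumes the whitespace-separated form shown on this page.
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# Return 0 only if the file sets exactly the Ciphers and KexAlgorithms above.
check_sshd_config() {
    [ "$(sshd_value "$1" Ciphers)" = "$WANT_CIPHERS" ] &&
    [ "$(sshd_value "$1" KexAlgorithms)" = "$WANT_KEX" ]
}

# Return 0 only if no uncommented line of the compose file mentions 7160 or 7161.
check_daas_ports() {
    ! grep -v '^[[:space:]]*#' "$1" | grep -Eq '(^|[^0-9])716[01]([^0-9]|$)'
}

# Demo on constructed files (not copies of the real appliance files).
demo() {
    d=$(mktemp -d) || return 1
    printf 'Ciphers %s\nKexAlgorithms %s\n' "$WANT_CIPHERS" "$WANT_KEX" > "$d/sshd_config"
    printf 'services:\n  dataservice:\n    ports:\n      - "7160:7160"\n      - "7161:7161"\n' > "$d/before.yml"
    printf 'services:\n  dataservice:\n    image: example\n' > "$d/after.yml"
    check_sshd_config "$d/sshd_config" && echo "sshd_config: expected Ciphers/KexAlgorithms set"
    check_daas_ports "$d/before.yml" || echo "before.yml: daas ports still present"
    check_daas_ports "$d/after.yml" && echo "after.yml: daas ports removed"
    rm -rf "$d"
}
demo
```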