The Automation Engine JCP Websocket (8443) and JCP REST components are vulnerable to the Logjam attack outlined in CVE-2015-4000
Testssl.sh (open source tool) detected the following problem:
LOGJAM (CVE-2015-4000), experimental VULNERABLE (NOT ok): common prime: RFC2409/Oakley Group 2 (1024 bits),
but no DH EXPORT ciphers
Release : 21.0.3
Component : AUTOMATION ENGINE
Weak ciphers were not disabled.
This has been resolved with release 21.0.4 which is available now from the Automic Download Center.
The weak ciphers have been disabled.