Running PAM 04.3.05 CP06 Penetration Testing
Main issue:
Weak Cipher Suites - ROBOT Attack: Vulnerable cipher suites are supported by the server
Proposed Solution:
It is also recommended to fully deprecate RSA encryption-based key exchanges in TLS because they do not provide Forward Secrecy.
Port: 443
CWE: 203
Release: 4.3
CA Process Automation
pam.ssl.transport.
Documentation is available at the path below:
https://techdocs.broadcom.com/
Above also applies to:
Main issue:
Weak Ciphers are detected: Not all cipher suites support Perfect Forward Secrecy
Proposed Solution:
Support PFS by using cipher suites with ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) and DHE (Diffie-Hellman Ephemeral) key exchanges.
Port: 443
CWE: 327
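
Both findings above (ROBOT and missing PFS) come down to the key exchange each offered cipher suite uses. The following is an added example, not part of the original article or of the product: it sorts suite names from a scan report into static RSA (the ones to disable), ECDHE/DHE, and others to review by hand. The function names and the sample list are constructed for illustration.

```python
"""Sort cipher suite names by key-exchange type (added example)."""

STATIC_RSA = "static-rsa"   # RSA encryption key exchange: no forward secrecy
EPHEMERAL = "ephemeral"     # ECDHE / DHE key exchange: forward secrecy
REVIEW = "review"           # static DH/ECDH, PSK, anonymous, SRP: check by hand

# OpenSSL-style leading tokens that are not a plain RSA key exchange.
_OPENSSL_NON_RSA = {"PSK", "ADH", "AECDH", "ECDH", "DH", "SRP", "RSA", "KRB5"}

def classify(suite):
    """Return the key-exchange class for an IANA- or OpenSSL-style suite name."""
    name = suite.strip().upper()
    if name.endswith("_SCSV"):            # signalling value, not a real suite
        return REVIEW
    if "_WITH_" in name:                  # IANA style, TLS_ or SSL_ prefix
        kx = name.split("_WITH_")[0].split("_", 1)[1]
        if kx == "RSA":
            return STATIC_RSA
        if kx.split("_")[0] in ("ECDHE", "DHE"):
            return EPHEMERAL
        return REVIEW
    if name.startswith("TLS_"):           # TLS 1.3 name: full handshakes use (EC)DHE
        return EPHEMERAL
    first = name.split("-")[0]            # OpenSSL style: no prefix means RSA
    if first in ("ECDHE", "DHE", "EDH"):
        return EPHEMERAL
    if first in _OPENSSL_NON_RSA:
        return REVIEW
    return STATIC_RSA

def report(suites):
    """Group suite names by class; the static-RSA group is the one to disable."""
    groups = {STATIC_RSA: [], EPHEMERAL: [], REVIEW: []}
    for s in suites:
        if s.strip():
            groups[classify(s)].append(s.strip())
    return groups

# Constructed sample: suite names as a scanner might list them for port 443.
SAMPLE = [
    "TLS_RSA_WITH_AES_128_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_AES_128_GCM_SHA256", "AES256-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    for kind, names in report(SAMPLE).items():
        print(kind, names)
```

An empty static-rsa group after the cipher list is changed and the port is rescanned indicates that only forward-secret key exchanges remain among the classified suites.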