Vulnerabilities reported on UIM tunnel certificates - SHA1 encryption

Article ID: 281410

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

The following vulnerabilities are reported on UIM hub servers:

CVE-2005-4900, CVE-2004-2761 - SSL Certificate Signed Using Weak Hashing Algorithm

Environment

DX UIM 20.4x with hub prior to 23.4.0

 

Resolution

CVE-2005-4900, CVE-2004-2761

  • CVE-2005-4900 was never present as MD5 was never used.
  • CVE-2004-2761 is remediated for tunnel clients as noted below:
    • As of hub 23.4.0, certificates generated by the hub use SHA-384 as the signature hash algorithm. Upgrading the hub probe does not change existing certificates.

  • To update the certificates to use the new algorithm, do the following:
    • Ensure that you are running hub 23.4.0 or higher on all hub tunnel servers and clients. This version is available in UIM 23.4.
    • Delete the old certificates.
    • Recreate the new certificates on tunnel servers.
    • Apply the new certificates to tunnel clients.
    • More specific information can be found in the following article that describes replacing old certificates:
      The tunnel certificate will expire ... how to replace it before it does?

Additional Information

In hub 23.4.0 onwards, tunnel certificates use SHA-384 instead of SHA-1.

Upgrading to 23.4 therefore resolves the "SSL Certificate Signed Using Weak Hashing Algorithm" vulnerability for new certificates going forward, but the old certificates should be deleted and new certificates should be created after completing the upgrade.
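
To confirm that a recreated tunnel certificate is no longer SHA-1 signed, the following added example (not Broadcom's code and not part of the original article) reads the signature algorithm OID from a PEM or DER certificate using only the Python standard library. All function names are assumptions of this example, and `constructed_cert` builds a constructed DER skeleton with filler fields, not a real UIM certificate.

```python
import ssl

# Signature-algorithm OIDs -> (name, weak). MD5/SHA-1 are what scanners report as weak.
SIG_ALGS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", True),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", True),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", False),
    "1.2.840.113549.1.1.12": ("sha384WithRSAEncryption", False),
    "1.2.840.113549.1.1.13": ("sha512WithRSAEncryption", False),
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def decode_oid(raw):
    arcs, value = [raw[0] // 40, raw[0] % 40], 0   # valid for first arcs 0 and 1
    for byte in raw[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert):
    """cert is PEM text or DER bytes; returns (oid, name, weak). Unknown OIDs are flagged."""
    der = ssl.PEM_cert_to_DER_cert(cert) if isinstance(cert, str) else cert
    _, body, _ = read_tlv(der, 0)              # Certificate SEQUENCE
    _, _, tbs_end = read_tlv(der, body)        # skip tbsCertificate
    _, alg, _ = read_tlv(der, tbs_end)         # signatureAlgorithm SEQUENCE
    tag, start, end = read_tlv(der, alg)
    if tag != 0x06:
        raise ValueError("signatureAlgorithm does not start with an OID")
    oid = decode_oid(der[start:end])
    return (oid, *SIG_ALGS.get(oid, ("unrecognised", True)))

def _der(tag, body):                       # sample builder, lengths < 256 only
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

def constructed_cert(last_arc):
    """Constructed skeleton with filler fields, not a real certificate."""
    oid = bytes.fromhex("2a864886f70d0101") + bytes([last_arc])
    alg = _der(0x30, _der(0x06, oid) + _der(0x05, b""))
    return _der(0x30, _der(0x30, bytes(200)) + alg + _der(0x03, bytes(17)))
```

Pass the PEM text of each tunnel server and client certificate to `signature_algorithm`; any result with `weak` set to `True` is a certificate that still needs to be deleted and recreated.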