Symptoms:
Vulnerability scans have found that your CA Network Flow Analysis reporter console server has SSL cyphers that are too weak. You need to disable these SSL versions.
Environment:
All versions of CA Network Flow Analysis up to and including 9.3.0.
Cause:
In CA Network Flow Analysis 9.3.0, the embedded Java version is 1.6u45. SSLv3 was not disabled until Java 1.6u91.
Resolution/Workaround:
Upgrade to at least CA Network Flow Analysis 9.3.1 to upgrade your embedded Java version to disable SSLv3 and use TLS versions with stronger cyphers.
Additional Information:
Starting in CA Network Flow Analysis 9.3.1, the embedded Java version is 1.7u76. SSLv3 is disabled in Java 1.6u91 and all later versions.
Note: Upgrading the embedded Java version is unsupported unless performed as part of an CA Network Flow Analysis upgrade.