Our security scan has detected one or more of the following vulnerabilities for the DX UIM Admin Console and/or Operator Console, identified as the "TLS ROBOT" vulnerability:
CVE-2017-6168
CVE-2017-17382
CVE-2017-17427
CVE-2017-17428
CVE-2017-12373
CVE-2017-13098
CVE-2017-1000385
CVE-2017-13099
CVE-2016-6883
CVE-2012-5081
How can we mitigate this?
This is a vulnerability in HTTPS affecting certain cipher suites; it can allow a man-in-the-middle attacker to decrypt SSL traffic that they have captured.
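ROBOT is a Bleichenbacher-style attack on RSA-encryption key exchange, so the cipher suites in question are those whose name gives RSA as the key exchange (`TLS_RSA_WITH_...`). The Python below is an added example, not part of the original article or of DX UIM: it picks those suites out of a cipher list and can test whether an HTTPS endpoint still negotiates one. The function names, sample list, host and port are assumptions.

```python
import socket
import ssl

def uses_rsa_key_exchange(suite):
    """True if an IANA-style suite name has RSA encryption as its key exchange."""
    head, sep, _ = suite.strip().upper().partition("_WITH_")
    parts = head.split("_")
    # TLS 1.3 names (TLS_AES_128_GCM_SHA256) have no _WITH_ and no RSA key exchange.
    if not sep or len(parts) < 2 or parts[0] not in ("TLS", "SSL"):
        return False
    # TLS_RSA_WITH_* and TLS_RSA_PSK_WITH_* encrypt the premaster secret to the
    # server's RSA key; ECDHE_RSA and DHE_RSA use that key only for signing.
    return parts[1] == "RSA"

def affected_suites(suites):
    """Return the suites from a configured list that use RSA key exchange."""
    return [s for s in suites if uses_rsa_key_exchange(s)]

def server_accepts_rsa_kex(host, port, timeout=5.0):
    """Offer only RSA key exchange suites; True if the handshake completes."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # checking cipher policy, not server identity
    ctx.verify_mode = ssl.CERT_NONE
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # keep TLS 1.3 suites out of the offer
    ctx.set_ciphers("kRSA")         # OpenSSL selector: RSA key exchange only
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True         # an RSA key exchange suite is still enabled
    except (ssl.SSLError, ConnectionResetError):
        return False                # server refused every RSA key exchange suite

# Constructed sample list, not taken from any wasp configuration.
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    print(affected_suites(SAMPLE_SUITES))
    # Hypothetical host and port; replace with a wasp HTTPS endpoint you administer.
    # print(server_accepts_rsa_kex("uim-primary.example.com", 443))
```

Run the endpoint check against each wasp probe before and after the change; a result of `False` means the server no longer completes a handshake when only RSA key exchange suites are offered.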
To eliminate the vulnerable cipher suites, take the following steps on each wasp probe in the environment. There will be at least the following wasp probes:
1. The primary hub (hosts Admin Console)
2. CABI server
3. Operator Console (in the case of multiple nodes, each Operator Console node will have its own wasp probe).
For each wasp probe, take the following steps: