arcserve-KB : UDP | Windows Agent || TLS 1.0 vulnerability - Port 8014

Last Update: 2017-12-27 12:36:31 UTC
Description:
Port 8014 shows as vulnerable since it has TLS 1.0 enabled.

Environment:
UDP version: v6.5 build 4175
OS: 2008 R2 Standard x64 Edition
Port number: 8014

Application log information in event viewer:
TLS is capable of using a multitude of ciphers (algorithms) to create the public and private key pairs.
For example, TLSv1.0 uses either the RC4 stream cipher or a block cipher in CBC mode. RC4 is known to have biases, and the block cipher in CBC mode is vulnerable to the POODLE attack.
For example, an attacker could force a downgrade from the TLS protocol to the older SSLv3.0 protocol and exploit the POODLE vulnerability, read secure communications, or maliciously modify messages.
A POODLE-type attack could also be launched directly at TLS without negotiating a downgrade.

Antivirus log values:
Disable the use of TLSv1.0 protocol in favor of a cryptographically stronger protocol such as TLSv1.2.

Solution:
  • If it is a requirement to accept TLS 1.2 only, use 'SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1'.
  • Edit the config file Arcserve\Unified Data Protection\Common\Apache\conf\extra\rps-ssl.conf (if the Agent is standalone, the file is httpd-ssl.conf).
  • Set 'SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1' (make sure 'SSLProtocol' is set inside the <VirtualHost> section).
  • Restart the agent service.
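
The check below is an added example, not Arcserve code: it reads the text of rps-ssl.conf or httpd-ssl.conf and reports, for each <VirtualHost>, which of SSLv3, TLSv1 and TLSv1.1 the SSLProtocol line still leaves enabled, or that the section has no SSLProtocol line of its own. The sample config, the ports 8015 and 8016 in it, and the expansion of 'all' to SSLv3 through TLSv1.2 are assumptions made for the illustration.

```python
import re

ALL = {"sslv3", "tlsv1", "tlsv1.1", "tlsv1.2"}  # assumption: what 'all' expands to
WEAK = {"sslv3", "tlsv1", "tlsv1.1"}            # protocols the article disables

def enabled_protocols(args):
    """Evaluate SSLProtocol arguments: bare name replaces, +name adds, -name removes."""
    enabled = set()
    for tok in args.lower().split():
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("", tok)
        protos = ALL if name == "all" else {name}
        if sign == "-":
            enabled -= protos
        elif sign == "+":
            enabled |= protos
        else:
            enabled = set(protos)
    return enabled

def audit(conf_text):
    """Map each vhost to its still-enabled weak protocols (sorted list),
    or to None when the vhost has no SSLProtocol line of its own."""
    findings, vhost = {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if m:
            vhost = m.group(1).strip()
            findings[vhost] = None
        elif re.match(r"</VirtualHost>", line, re.I):
            vhost = None
        elif vhost and (d := re.match(r"SSLProtocol\s+(.+)", line, re.I)):
            findings[vhost] = sorted(enabled_protocols(d.group(1)) & WEAK)
    return findings

# Constructed sample, not the real rps-ssl.conf. The SSLProtocol line outside
# any <VirtualHost> is ignored, matching the article's placement advice.
SAMPLE = """\
SSLProtocol all -SSLv3
<VirtualHost _default_:8014>
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
<VirtualHost _default_:8015>
    SSLProtocol all -SSLv3
</VirtualHost>
<VirtualHost _default_:8016>
</VirtualHost>
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty list means the section matches the article's setting; run it against a copy of the edited file before restarting the agent service.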