Vulnerabilities found in RSA enVision Appliance
New Vulnerabilities were identified during Vulnerability Assessment of RSA enVision Appliance
1) Web Server Supports Weak SSL Encryption Certificates
2) IETF X.509 Certificate Signature Collision Vulnerability
3) Dell OpenManage 'file' Parameter URI Redirection Vulnerability
The Scan was executed from Mcafee Vulnerability Manager.
Please find Attached screenshots of details of Vulnerabilities numbered respectively.
Please provide us workaround for closure on the same or suggest if these vulnerabilities are false positives on RSA Appliances or not?
These vulnerabilities are all detected on tcp/1311 which happens to be Dell OpenManage. If you do not use OpenManage you might consider disabling it, which wouldn't adversely affect enVision.