This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
SelvaRANI
Beginner
Beginner
‎2012-10-29 10:39 AM

Vulnerabilities found in RSA enVision Appliance

New Vulnerabilities were identified during Vulnerability Assessment of RSA enVision Appliance

 

1) Web Server Supports Weak SSL Encryption Certificates

2) IETF X.509 Certificate Signature Collision Vulnerability

3) Dell OpenManage 'file' Parameter URI Redirection Vulnerability

 

The Scan was executed from Mcafee Vulnerability Manager.

Please find Attached screenshots of details of Vulnerabilities numbered respectively.

Please provide us workaround for closure on the same or suggest if these vulnerabilities are false positives on RSA Appliances or not?

Preview file
198 KB
Preview file
174 KB
Preview file
189 KB
0 Likes
Reply
2 Replies
RSAAdmin
Beginner
Beginner
‎2012-11-29 05:46 AM

Please raise a customer support ticket to get a response on this query, so that it is analyzed and say it is valid or not.

0 Likes
Reply
RSAAdmin
Beginner
Beginner
‎2012-11-29 11:28 AM

These vulnerabilities are all detected on tcp/1311 which happens to be Dell OpenManage.  If you do not use OpenManage you might consider disabling it, which wouldn't adversely affect enVision.

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.