Thank You. I am part of the SecurID Advisory. I am also waiting on a vulnerability remediation said to be in AM v8.6 P4, haven't gotten anything from the SecurID advisory yet, is there an ETA?
In the meantime, the following two lines will disallow TLS 1.1:
/opt/rsa/am/utils/rsautil store -a enable_min_protocol_tlsv1_2 true restart
This will allow TLS 1.2 and disallow TLS 1.1. This setting will remain in effect until another RSA AM Update is applied.
Thanks, we have already done but the Nexpose scanning on the servers still shows TLS 1.1 vulnerability and we were told that 8.6P7 will address it.