Vulnerabilities found in RSA enVision Appliance

Discussion created by corporatesoc on Oct 29, 2012
Latest reply on Nov 29, 2012 by RSA Admin

New Vulnerabilities were identified during Vulnerability Assessment of RSA enVision Appliance


1) Web Server Supports Weak SSL Encryption Certificates

2) IETF X.509 Certificate Signature Collision Vulnerability

3) Dell OpenManage 'file' Parameter URI Redirection Vulnerability


The Scan was executed from Mcafee Vulnerability Manager.

Please find Attached screenshots of details of Vulnerabilities numbered respectively.

Please provide us workaround for closure on the same or suggest if these vulnerabilities are false positives on RSA Appliances or not?