cancel
Showing results for 
Search instead for 
Did you mean: 

Question after pentesting

Hello, During implementation McAfee SIEM for one of our customers , penetration tests were executed (10.4.0 patch 9) that pointed out that for McAfee SIEM devices : ESM, ELM, ERC and ACE there is outdated ssh software version applied. for 10.4 it is SSH_FIPS-7.8p1, OpenSSL 1.0.2p-fips 14 Aug 2018 for 11.3 it is also SSH_FIPS-7.8p1, OpenSSL 1.0.2p-fips 14 Aug 2018 Could you please provide information whether the newer version of SSH implementation ( and if possible which version ) is planned to be included in McAfee releases and when this could be expected? Another finding was that on ERCs (checked on 10.4.0_GA_patch_9) there are outdated protocols and ciphers enabled in Syslog over TLS port(s) configuration. Some deprecated protocols (SSLv3, TLSv1, TLSv1.1) and cipher suites (based on RC4, 3DES) are allowed for negotiation with clients. Could you please provide explanation whether these issues can be remediated by SIEM engineers or will this be planned/mitigated in new software versions? Thank you.
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community