cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL RC4 Cipher Suites Supported (Bar Mitzvah)-vulnerability

Jump to solution

Hi ,

We are getting the vulnerability issue for Mcafee SIEM log server 

Service impact: If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, and may be able to derive the plaintext. (CVE-2015-2808).

How can fix the issue for this issue? 

Thanks and regards,

Ravichandran P

 

1 Solution

Accepted Solutions
lratcliffe
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: SSL RC4 Cipher Suites Supported (Bar Mitzvah)-vulnerability

Jump to solution

ESM appliances do not run any services which would listen on ports 6514 or 10514.  Receivers can, but ESMs do not.  If you are seeing this vulnerability on your ESM, it is running software and services that are not deployed by McAfee.

Please raise a service request to investigate this.  https://support.mcafee.com/

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

3 Replies
lratcliffe
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: SSL RC4 Cipher Suites Supported (Bar Mitzvah)-vulnerability

Jump to solution

Please raise a service request detailing:

1. The version of SIEM you are running

2. The appliance in question

3. What port number you are showing the vulnerability on

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: SSL RC4 Cipher Suites Supported (Bar Mitzvah)-vulnerability

Jump to solution

Hi Team,

Please raise a service request details

1. The version of SIEM you are running

ESM version: 11.3.2.20200730

2. The appliance in question

ESM appliance

3. What port number you are showing the vulnerability on

{tcp:6514, 10514}

lratcliffe
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: SSL RC4 Cipher Suites Supported (Bar Mitzvah)-vulnerability

Jump to solution

ESM appliances do not run any services which would listen on ports 6514 or 10514.  Receivers can, but ESMs do not.  If you are seeing this vulnerability on your ESM, it is running software and services that are not deployed by McAfee.

Please raise a service request to investigate this.  https://support.mcafee.com/

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community