En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

2016 CVE has surfaced in inspector across many OS's and locations

1

Hello, I have an AWS account with inspector. CVE-2016-2183 was detected this month across many servers of our fleet, different OS's (windows) and regions. Is it possible this is an error with inspector? we don't have support so I can't raise directly with AWS.

I'm not aware of a fleet wide change that could surface this very old item, it's even visible on a domain controller with basically nothing else installed other than AV and AWS SW. Also present on machine build recently from AMI.

Appreciate any pointers, thank you.

Sujets
Sécurité, identité et conformitéCalcul
Balises
Sécurité, identité et conformitéAmazon InspectorWindows
Langue
English
DanielM
demandé il y a un an491 vues
1 réponse
0

The CVE-2016-2183 is prevalent in TLS 1.0 and TLS 1.1 which support 3DES Encryption. Conside upadting to TLS 1.2 as a minimum (the 3DES cypher is dropped by default) and remove vulnerable ciphers.

AWS
AWS-User-3585849
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents