Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

2016 CVE has surfaced in inspector across many OS's and locations

1

Hello, I have an AWS account with inspector. CVE-2016-2183 was detected this month across many servers of our fleet, different OS's (windows) and regions. Is it possible this is an error with inspector? we don't have support so I can't raise directly with AWS.

I'm not aware of a fleet wide change that could surface this very old item, it's even visible on a domain controller with basically nothing else installed other than AV and AWS SW. Also present on machine build recently from AMI.

Appreciate any pointers, thank you.

Argomenti
Sicurezza, identità e conformitàComputazionali
Tag
Sicurezza, identità e conformitàAmazon InspectorWindows
Lingua
English
DanielM
posta un anno fa491 visualizzazioni
1 Risposta
0

The CVE-2016-2183 is prevalent in TLS 1.0 and TLS 1.1 which support 3DES Encryption. Conside upadting to TLS 1.2 as a minimum (the 3DES cypher is dropped by default) and remove vulnerable ciphers.

AWS
AWS-User-3585849
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente