By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

2016 CVE has surfaced in inspector across many OS's and locations

1

Hello, I have an AWS account with inspector. CVE-2016-2183 was detected this month across many servers of our fleet, different OS's (windows) and regions. Is it possible this is an error with inspector? we don't have support so I can't raise directly with AWS.

I'm not aware of a fleet wide change that could surface this very old item, it's even visible on a domain controller with basically nothing else installed other than AV and AWS SW. Also present on machine build recently from AMI.

Appreciate any pointers, thank you.

Topics
Security, Identity, & ComplianceCompute
Tags
Security, Identity, & ComplianceAmazon InspectorWindows
Language
English
DanielM
asked 10 months ago474 views
1 Answer
0

The CVE-2016-2183 is prevalent in TLS 1.0 and TLS 1.1 which support 3DES Encryption. Conside upadting to TLS 1.2 as a minimum (the 3DES cypher is dropped by default) and remove vulnerable ciphers.

AWS
AWS-User-3585849
answered 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content