2016 CVE has surfaced in inspector across many OS's and locations

1

Hello, I have an AWS account with inspector. CVE-2016-2183 was detected this month across many servers of our fleet, different OS's (windows) and regions. Is it possible this is an error with inspector? we don't have support so I can't raise directly with AWS.

I'm not aware of a fleet wide change that could surface this very old item, it's even visible on a domain controller with basically nothing else installed other than AV and AWS SW. Also present on machine build recently from AMI.

Appreciate any pointers, thank you.

DanielM
已提问 1 年前529 查看次数
1 回答
0

The CVE-2016-2183 is prevalent in TLS 1.0 and TLS 1.1 which support 3DES Encryption. Conside upadting to TLS 1.2 as a minimum (the 3DES cypher is dropped by default) and remove vulnerable ciphers.

AWS
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则