Symptom
In ASE15.5, SSL port may be reported as 'Vulnerability' by some audit software if ASE is using the following weak ciphers,
1> sp_ssladmin setcipher, "Weak"
2> go
The following cipher suites and order of preference are set for SSL connections:
Cipher Suite Name Preference
---------------------------------------------------------------- -----------
TLS_RSA_WITH_DES_CBC_SHA 1
TLS_DHE_DSS_WITH_DES_CBC_SHA 2
TLS_DHE_RSA_WITH_DES_CBC_SHA 3
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 4
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 5
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 6
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 7
TLS_RSA_EXPORT_WITH_RC4_40_MD5 8
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA 9
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 10
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 11
Read more...
Environment
- SAP Adaptive Server Enterprise (ASE) 15.5
Product
Keywords
ASE SSL, sp_ssladmin, weak, strong, TLS_RSA_WITH_DES_CBC_SHA , KBA , BC-SYB-ASE , Sybase ASE Database Platform (non Business Suite) , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.