SAP Knowledge Base Article - Preview

3255354 - AS Java Security Vulnerability - Weak cipher suites and TLS version


Third party security scan tool reports that AS Java has enabled weak TLS/SSL version and weak cipher suites. Example alerts:

  • SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)
  • Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
  • SSL/TLS Server supports TLSv1.0
  • SSL/TLS use of weak RC4(Arcfour) cipher
  • Host is Vulnerable to Extended Master Secret TLS Extension (TLS triple handshake)
  • TLS/SSL Server Does Not Support Any Strong Cipher Algorithms
  • No common SSL cipher suite with SSL client
  • SSL API error
  • etc.



SAP NetWeaver Application Server Java all versions


SAP Java Virtual Machine all versions ; SAP NetWeaver Application Server for Java all versions ; SAP NetWeaver all versions


Nessus, VASCan , KBA , BC-SEC-SSL , Secure Sockets Layer Protocol , BC-JAS-SEC , Security, User Management , BC-JAS-SEC-CPG , Cryptography , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.