Symptom
- You found vulnerabilities for Weak SSL/TLS Key Exchange
- Impact- An attacker with access to sufficient computational power might be able to recover the session key and decrypt session content.
- Threat - """QID Detection Logic:
For a SSL enabled port, the scanner probes and maintains a list of supported SSL/TLS versions. For each supported version, the scanner does a SSL handshake to get a list of KEX methods supported by the server. It reports all KEX methods that are considered weak. The criteria of a weak KEX method is as follows: The SSL/TLS server supports key exchanges that are cryptographically weaker than recommended. Key exchanges
should provide at least 112 bits of security, which translates to a minimum key size of 2048 bits for Diffie Hellman and RSA key exchanges or 224 bits for Elliptic Curve Diffie Hellman key exchanges."""
Read more...
Environment
SAP UME by Knoa All versions
Keywords
KBA , XX-PART-KNO , Knoa Experience and Performance Manager , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.