3621792 - What to do when detect the MD5, RC4 vulnerability for sapstartsrv process by 3rd-party scan tools

Symptom

This note will introduce the steps for what to do when detect the MD5, RC4 vulnerability for sapstartsrv process by 3rd-party scan tool.

The HTTPS port for the sapstartsrv process should be 5<instance number>14.
For example: port 50114 - the HTTPS port of instance 01 sapstartsrv process.

Environment

SAP Netweaver ABAP Systems
SAP Netweaver JAVA Systems

Product

SAP NetWeaver 7.5 ; SAP NetWeaver Application Server for ABAP all versions ; SAP NetWeaver Application Server for ABAP for SAP S/4HANA Cloud 2005 ; SAP NetWeaver Application Server for Java 7.2 ; SAP enhancement package 2 for SAP NetWeaver 7.0

Keywords

sapstartsrv, ssl/ciphersuites, RC4, MD5, vulnerability, 50014, 50114,50214, sapgenpse tlsinfo, scan tools , KBA , BC-CST-STS , Startup Service , BC-SEC-SSL , Secure Sockets Layer Protocol , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.