
SEC 5.5.0 upgraded and agents still show vulnerability on TLS / SSL

Hello A

We have 2 Enterprise Consoles in our environment and cater to only 1200+ servers, with no workstations. This TLS/SSL vulnerability surfaced around 6 months back, and at that time we had both our consoles on version 5.4.0.

When we raised a ticket with Sophos for a fix, we were assured that after upgrading to 5.5.0, i.e. the latest version of Sophos, all agents would forcibly use TLS 1.2 and this vulnerability would be eliminated.

Now that we have both our SEC consoles on version 5.5.0, a scan report from yesterday shows that there are still agents with the SSL/TLS vulnerability, and the issue still prevails. We were surprised and shocked to see this. Clients have raised serious concerns about this issue and we need an immediate fix. What do we do?



  • Hello Hariharan Chandrasekaran,

    Internal or external audits, or why the concern (or concerns) over the vulnerability?

    Question is, what does this scan scan? There's a thread from about a year ago, when 5.4.1 came out. Meanwhile RMS has been updated and it seems TLS 1.2 is advertised [Edit] dunno what I have looked at, just traced again, it's still saying 0x160301 [/Edit] in the Client Hello [Edit] but it might still be the case that without LegacyProtocolSupport disabled on the endpoint the scan would "find" TLS 1.0 in both directions. [/Edit]

    Christian

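A worked check for the "0x160301 in the Client Hello" observation above, added here as an example; it is not code from this thread, from Sophos, or from RMS. In a TLS record the first byte (0x16) is the Handshake content type and the next two (0x0301) are the record-layer version, which TLS 1.2 clients routinely set to 0x0301 for compatibility (RFC 5246, Appendix E.1). The version the client is actually offering is the client_version field inside the handshake (or, for TLS 1.3, the supported_versions extension), and the version a connection really uses is the one the server echoes back in its ServerHello. The script builds constructed ClientHello/ServerHello samples (no capture from a real agent or console is used) and parses out each of those fields so you can see which one a scanner's "TLS 1.0 found" verdict should be based on:

```python
"""Inspect the versions actually carried in TLS ClientHello / ServerHello records.

Added example, not code from the thread, from Sophos or from RMS. All sample
records are constructed inline; nothing is captured from a real endpoint.
"""
import struct

VERSION_NAMES = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1",
                 (3, 3): "TLS 1.2", (3, 4): "TLS 1.3"}
EXT_SUPPORTED_VERSIONS = 43          # RFC 8446 extension type for supported_versions


def version_name(v):
    return VERSION_NAMES.get(tuple(v), "unknown %r" % (v,))


def _record(record_version, handshake_type, body):
    """Wrap a handshake body in a handshake header and a record-layer header."""
    hs = bytes([handshake_type]) + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(record_version) + struct.pack("!H", len(hs)) + hs


def build_client_hello(client_version=(3, 3), record_version=(3, 1),
                       supported_versions=(), cipher_suites=(0xC02F, 0x009C)):
    """Constructed sample ClientHello (record-layer 0x0301 by default, like a
    typical TLS 1.2 client)."""
    body = bytes(client_version) + b"\x11" * 32 + b"\x00"   # version, random, empty session_id
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body += struct.pack("!H", len(suites)) + suites + b"\x01\x00"  # suites, null compression only
    exts = b""
    if supported_versions:
        vers = b"".join(bytes(v) for v in supported_versions)
        data = bytes([len(vers)]) + vers
        exts += struct.pack("!HH", EXT_SUPPORTED_VERSIONS, len(data)) + data
    body += struct.pack("!H", len(exts)) + exts
    return _record(record_version, 0x01, body)


def build_server_hello(server_version, record_version=None, cipher_suite=0xC02F):
    """Constructed sample ServerHello; the server states the version it chose."""
    body = bytes(server_version) + b"\x22" * 32 + b"\x00"   # version, random, empty session_id
    body += struct.pack("!H", cipher_suite) + b"\x00"        # chosen suite, null compression
    return _record(record_version or server_version, 0x02, body)


def _handshake_body(record, expected_type):
    if record[0] != 0x16:
        raise ValueError("not a Handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != expected_type:
        raise ValueError("unexpected handshake type 0x%02x" % hs[0])
    hs_len = int.from_bytes(hs[1:4], "big")
    return (record[1], record[2]), hs[4:4 + hs_len]


def parse_client_hello(record):
    """Return record-layer version, client_version and any supported_versions.

    A ClientHello only shows the highest version the client offers; whether the
    peer will still accept an older one is only visible in the ServerHello."""
    record_version, body = _handshake_body(record, 0x01)
    client_version = (body[0], body[1])
    pos = 2 + 32                                         # skip random
    pos += 1 + body[pos]                                 # skip session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                                    # skip cipher_suites
    pos += 1 + body[pos]                                 # skip compression_methods
    supported = []
    if pos + 2 <= len(body):                             # extensions block is optional
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos, end = pos + 2, pos + 2 + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            data, pos = body[pos + 4:pos + 4 + elen], pos + 4 + elen
            if etype == EXT_SUPPORTED_VERSIONS:
                supported = [(data[i], data[i + 1]) for i in range(1, 1 + data[0], 2)]
    offered = supported or [client_version]
    return {"record_version": record_version, "client_version": client_version,
            "supported_versions": supported, "highest_offered": max(offered)}


def parse_server_hello(record):
    """The version in the ServerHello is the one the connection will actually use."""
    _, body = _handshake_body(record, 0x02)
    return (body[0], body[1])


if __name__ == "__main__":
    ch = build_client_hello()                            # a normal TLS 1.2 ClientHello
    print("ClientHello starts with 0x%s" % ch[:3].hex(), parse_client_hello(ch))
    # What a scanner really tests: does the server still answer a TLS 1.0 offer?
    print("server chose", version_name(parse_server_hello(build_server_hello((3, 1)))))
```

Running it shows a ClientHello that starts with 0x160301 yet carries client_version 0x0303 (TLS 1.2), so the record-layer bytes alone do not prove TLS 1.0 is in use. What a scanner typically does is send a ClientHello that only offers TLS 1.0 and report a finding if the endpoint answers with a ServerHello at that version; you can reproduce that by hand against an agent's RMS listening port with `openssl s_client -connect host:port -tls1` and checking whether the handshake completes. That is the check to run per endpoint before and after changing the LegacyProtocolSupport setting mentioned above.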