NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

bsublett's avatar
bsublett
Aspirant
Aug 18, 2022
Solved

M4250-26G4XF-PoE+ showing TLS 1.0/TLS 1.1 vulnerability

My Tenable scan shows that all of my M4250-26G4XF-PoE+ switches have the SWEET32 vulnerability.  When I look at the HTTPS cert it shows that I'm on TLS1.2.  How can I set the minimum version to exclude 1.0 and 1.1?  I'm on firmware 13.0.2.31.

 

Thank you.

Brian

 

5 Replies

  • schumaku's avatar
    schumaku
    Guru - Experienced User
    Aug 18, 2022

    Realized there are two device WebUI on these switch model lines? The classic config Web UI, and the other AV Web UI ... the second is not updated.

    • bsublett's avatar
      bsublett
      Aspirant
      Aug 18, 2022

      Thank you for the assistance!  I'm poking around the AV login, but I don't see anything in here for TLS.  I must really be missing something--is there just not a way to disable it at this time, not even via the CLI?

      • schumaku's avatar
        schumaku
        Guru - Experienced User
        Aug 21, 2022

        Nothing configurable specifically for the AV Web port AFAIK. LaurentMa svp.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More