dannetsphere (Follower)
May 21, 2018
TLS 1.0 Sweet 32
I have 2 questions/issues I need to resolve. I have a ReadyNAS 2304 running firmware 6.9.3. We recently went through a vulnerability scan. The following are the results of the scan, and I would like to know how to resolve these.
Vulnerability Detection Result
'Vulnerable' cipher suites accepted by this service via the TLSv1.0 protocol:
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.1 protocol:
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
'Vulnerable' cipher suites accepted by this service via the TLSv1.2 protocol:
TLS_RSA_WITH_3DES_EDE_CBC_SHA (SWEET32)
Sweet 32 is a couple years old and I was surprised to see it since we are running the latest firmware I could find. I thought it would have been resolved in a previous release.
The other vulnerability reported was for the key size being used.
Summary
The SSL/TLS service uses Diffie-Hellman groups with insufficient strength (key size < 2048).
Vulnerability Detection Result
Server Temporary Key Size: 1024 bits
Any help is appreciated.
Thanks in advance,
Dan
1 Reply
- StephenB (Guru - Experienced User)
Not sure if there's a persistent way to fix this (that survives reboots, firmware upgrades, etc).
But you can also report it here: https://bugcrowd.com/netgearkudos
Won't hurt, and might help.
Perhaps add a reference to CVE-2016-2183 for the Sweet32 report.
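To re-check both scan findings from the first post after a firmware or configuration change, the sketch below classifies `openssl s_client` output. It is an added example, not part of the thread or any NETGEAR code; the sample transcripts are constructed, and `HOST` and the `audit` function are placeholders chosen here.

```python
import re

# Constructed `openssl s_client` excerpts (illustrative, not captured from a real device).
# Produced by commands such as (HOST is a placeholder):
#   openssl s_client -connect HOST:443 -tls1_2 -cipher DES-CBC3-SHA </dev/null
#   openssl s_client -connect HOST:443 -tls1_2 -cipher DHE </dev/null
SAMPLE_3DES = "New, TLSv1.2, Cipher is DES-CBC3-SHA\nServer public key is 2048 bit\n"
SAMPLE_WEAK_DH = ("Server Temp Key: DH, 1024 bits\n"
                  "New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384\n")
SAMPLE_REJECTED = "New, (NONE), Cipher is (NONE)\n"
SAMPLE_ECDHE = ("Server Temp Key: ECDH, P-256, 256 bits\n"
                "New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384\n")

CIPHER_RE = re.compile(r"Cipher is (\S+)")
TEMP_KEY_RE = re.compile(r"Server Temp Key: (\w+),.*?(\d+) bits")
MIN_DH_BITS = 2048  # threshold quoted in the scan summary


def audit(s_client_output):
    """Return the scan findings that one s_client transcript confirms."""
    findings = []
    m = CIPHER_RE.search(s_client_output)
    cipher = m.group(1) if m else "(NONE)"
    if cipher == "(NONE)":
        # Handshake failed: the server refused every cipher the client offered.
        return findings
    # OpenSSL names TLS_RSA_WITH_3DES_EDE_CBC_SHA "DES-CBC3-SHA"; match both spellings.
    if "DES-CBC3" in cipher or "3DES" in cipher:
        findings.append(f"SWEET32 (CVE-2016-2183): server accepted {cipher}")
    key = TEMP_KEY_RE.search(s_client_output)
    # Only finite-field DH is measured against 2048; ECDH key sizes are not comparable.
    if key and key.group(1) == "DH" and int(key.group(2)) < MIN_DH_BITS:
        findings.append(f"Weak DH group: temporary key is {key.group(2)} bits")
    return findings


if __name__ == "__main__":
    samples = [("3DES offered", SAMPLE_3DES), ("DHE offered", SAMPLE_WEAK_DH),
               ("3DES refused", SAMPLE_REJECTED), ("ECDHE", SAMPLE_ECDHE)]
    for name, text in samples:
        print(name, "->", audit(text) or "no finding")
```

A local OpenSSL build compiled without 3DES support cannot offer DES-CBC3-SHA, so the first command has to be run from a client that still includes it.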