SR-680374472 SG500: Vulnerability issues with SSL

Available Languages

Download Options

  • PDF     (3.2 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (44.9 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (61.8 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:December 10, 2018
Document ID:SMB5564

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

SR-680374472 SG500: Vulnerability issues with SSL

Summary

Nessus scan found vulnerabilities in cypher suites supported.

Date Identified

May 18, 2016

Date Resolved

February 17, 2017

Products Affected

Model

Firmware Version

SG500 Series

1.4.5.02

Issue Description

Nessus scan shows a weak hash algorithm, an SSL vulnerability. The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Resolution

Issue should be fixed when you upgrade to the latest firmware version 1.4.7.06.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco