Dell Unity: Nessus Full Safe Vulnerability Security Scan recommends disabling SSL/TLS CBC ciphers
Samenvatting: Nessus Full Safe Vulnerability Security Scan recommends disabling specific SSL/TLS CBC ciphers on Unity. Currently, these ciphers cannot be disabled on Unity.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Type beveiliging van artikel
Security KB
Probleemevaluatie
Nessus Full Safe Vulnerability Security Scan recommends disabling specific SSL/TLS CBC ciphers.
Supported CBC ciphers on Unity can also be detected through nmap script "ssl-enum-ciphers" over port 443.
Gegevens
After Unity with TLS 1.2 or higher is enabled, the Full Safe Vulnerability Security Scan may still report the following recommendations to remove CBC ciphers supported by Unity:
"The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones"
"The remote host has open SSL/TLS ports which advertise discouraged cipher suites"
"The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly"
CBC ciphers supported by Unity (OE 5.2.0.0.5.173) can also be detected using nmap script "ssl-enum-ciphers" over port 443:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Aanbevelingen
Currently, CBC ciphers cannot be disabled on Unity arrays and no workaround is available.
Juridische verklaring van afstand
Getroffen producten
Dell EMC UnityArtikeleigenschappen
Artikelnummer: 000202982
Artikeltype: Security KB
Laatst aangepast: 20 jan. 2026
Versie: 2
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.