Dell Unity: Nessus Full Safe Vulnerability Security Scan recommends disabling SSL/TLS CBC ciphers
摘要: Nessus Full Safe Vulnerability Security Scan recommends disabling specific SSL/TLS CBC ciphers on Unity. Currently, these ciphers cannot be disabled on Unity.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
安全性文章類型
Security KB
問題摘要
Nessus Full Safe Vulnerability Security Scan recommends disabling specific SSL/TLS CBC ciphers.
Supported CBC ciphers on Unity can also be detected through nmap script "ssl-enum-ciphers" over port 443.
詳細資料
After Unity with TLS 1.2 or higher is enabled, the Full Safe Vulnerability Security Scan may still report the following recommendations to remove CBC ciphers supported by Unity:
"The remote service supports the use of SSL Cipher Block Chaining ciphers, which combine previous blocks with subsequent ones"
"The remote host has open SSL/TLS ports which advertise discouraged cipher suites"
"The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining (CBC) mode. These cipher suites offer additional security over Electronic Codebook (ECB) mode, but have the potential to leak information if used improperly"
CBC ciphers supported by Unity (OE 5.2.0.0.5.173) can also be detected using nmap script "ssl-enum-ciphers" over port 443:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
建議
Currently, CBC ciphers cannot be disabled on Unity arrays and no workaround is available.
法律免責聲明
受影響的產品
Dell EMC Unity文章屬性
文章編號: 000202982
文章類型: Security KB
上次修改時間: 20 1月 2026
版本: 2
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。