Home/Support/Support Forum/Looking for SSL/TLS and SSH vulnerability fixes for AnywhereUSB/5 MHC
New and improved user forum site going live on 12/6 (All users will need to reset their password when the new forum is active)
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Looking for SSL/TLS and SSH vulnerability fixes for AnywhereUSB/5 MHC

0 votes
We have two AnywhereUSB 5M hubs recently installed and scanned by our security team and we were able to re-mediate some issues but a few remain that I am not sure if or how it can be corrected on these hubs. I am looking for any information on if/how the following issues may be corrected:

ISSUE: A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system.<br><br>TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.<br><br> POSSIBLE RESOLUTION: Configure SSL/TLS to only use TLS 1.1 or TLS 1.2 if supported. Configure SSL/TLS servers to only support cipher suites that do not use block ciphers.

ISSUE: The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. POSSIBLE RESOLUTION: Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.

ISSUE: The SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak. POSSIBLE RESOLUTION: Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
asked Oct 23, 2014 in Realport by mr4422 New to the Community (0 points)

Please log in or register to answer this question.

1 Answer

0 votes
Recommend contacting Digi Tech. Support regarding this issue: 1-877-912-3444 or on-line: http://www.digi.com/login?ReturnUrl=%2fsupport%2feservice%2f
answered Oct 27, 2014 by userid0 Veteran of the Digi Community (2,158 points)
...