Guest

Preview Tool

Cisco Bug: CSCuq55666 - [ENH]Cluster communication should not rely only on CBC ciphers

Last Modified

Aug 29, 2018

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

11.1.0-131 8.0.2-055 8.5.6-092 9.7.1-066

Description (partial)

Symptom:
With 3des-cbc or blowfish-cbc ciphers removed under sshconfig -> sshd ESAs will not be able to join cluster
Error presented: 'Unexpected EOF on connect'"

Conditions:
ESAs cannot join cluster if 3des-cbc or blowfish-cbc ciphers are removed from the list of SSH ciphers. Having this restriction, customer's vulnerability tests are failing due to CVE-2008-5161
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.